https://www.virustotal.com/en/file/96fb78cf6f9420bf83e9f3a730237500401a861859189a580455a883f6a0d33f/analysis/1470998826/   2016-10-23 01:19:15.986646 IP 192.168.1.102.58875 > 203.130.61.232.80: Flags [P.], seq 0:298, ack 1, win 256, length 298: HTTP: GET /359/setup_120.exe HTTP/1.1 E..RW.@…._…f..=….P…6..?@P….?..GET /359/setup_120.exe HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */* Accept-Language: en-us User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept-Encoding: gzip, deflate Host: xiazai.51jetso.com Connection: Keep-Alive 2016-10-23 01:19:25.769716 IP 192.168.1.102.58878 > 220.243.237.153.80: Flags [P.], seq 0:98, ack 1, win 256, length 98: HTTP: GET /soft/azbconfig.ini HTTP/1.0 E…Y.@….-…f…….PQ……0P…….GET /soft/azbconfig.ini HTTP/1.0 Host: khit.cn User-Agent: NSISDL/1.2 (Mozilla) Accept: */* 2016-10-23 01:19:25.817228 IP 192.168.1.102.58878 > 220.243.237.153.80: Flags [.], ack 435, win 254, length 0 E..(Y.@……..f…….PQ…….P…………. 2016-10-23 01:19:25.833005 IP 192.168.1.102.58878 > […]