RIG Exploit Kit EK Delivering a TEAMVIEWER Reverse Shell Backdoor Malware PCAP file download traffic sample

2016-10-21 21:31:29.018549 IP 192.168.1.5.50248 > 192.95.15.211.80: Flags [P.], seq 454:1107, ack 2446, win 16537, length 653: HTTP: GET /index.php?w36KfrmaJR3NA4I=l3SMfPrfJxzFGMSUb-nJDa9GP0XCRQLPh4SGhKrXCJ-ofSih17OIFxzsqAycFUKCqrF4Qu4Fah2h1QWScEZrmYRPFgVIove8hQLfyhSWkpOD9UHfYg5D_5qdFeA_3gykx7lHdJhxxxOB6jBZzL8aQFFT6wkZjuyeV7PC7kpzXlBxFlvbJN0sohfQDmK1JDEqi_W5SDx-1g HTTP/1.1
E…oe@………._…H.P!.n..1.gP.@…..GET /index.php?w36KfrmaJR3NA4I=l3SMfPrfJxzFGMSUb-nJDa9GP0XCRQLPh4SGhKrXCJ-ofSih17OIFxzsqAycFUKCqrF4Qu4Fah2h1QWScEZrmYRPFgVIove8hQLfyhSWkpOD9UHfYg5D_5qdFeA_3gykx7lHdJhxxxOB6jBZzL8aQFFT6wkZjuyeV7PC7kpzXlBxFlvbJN0sohfQDmK1JDEqi_W5SDx-1g HTTP/1.1
Accept: */*
Referer: http://gl9q.s57ae8vl3.top/?w36KfrmaJR3NA4I=l3SKfPrfJxzFGMSUb-nJDa9GP0XCRQLPh4SGhKrXCJ-ofSih17OIFxzsqAycFUKCqrF4Qu4Fah2h1QWScEZrmYRPFgVIove8hQLfyhSWkpOD9UHfYg5D_5qdFeA_3gykx7lHdJhxxxOB6jBZzL8aQFFd
Accept-Language: en-US
User-Agent: …
