SHA256: 408e5e7d86d222882eab6a3f5cc71ccd9c2d98c74a6b321c761b7ef6f82c88ba File name: read.php?f=0.dat.1 Detection ratio: 22 / 55 Analysis date: 2017-01-21 23:05:38 UTC ( 0 minutes ago ) aspersky HEUR:Trojan.Win32.Generic 20170120 Malwarebytes Trojan.MalPack.VB 20170120 McAfee PWSZbot-FHN 20170120 McAfee-GW-Edition BehavesLike.Win32.Worm.tt 20170120 eScan Trojan.GenericKD.4185884 20170120 Microsoft Trojan:Win32/Dynamer!ac 20170120 Panda Trj/GdSda.A 20170120 Qihoo-360 HEUR/QVM03.0.A425.Malware.Gen 20170121 Sophos Troj/Zbot-LPS 20170120 Symantec ML.Relationship.HighConfidence [Infostealer.Limitail] 20170120 Tencent Win32.Trojan.Generic.Swba 20170121 TrendMicro TSPY_INFOSTEAL.RRG 20170121 TrendMicro-HouseCall TSPY_INFOSTEAL.RRG 20170121 VIPRE Trojan.Win32.Generic!BT 20170121 ViRobot Trojan.Win32.Infostealer.1854296[h] 20170121 Yandex Trojan.Injector!fxtPd0Ocb/U 20170120   2017-01-21 01:34:57.576124 IP 192.168.1.102.50646 > 84.200.34.99.80: Flags [P.], seq 0:293, ack 1, win 256, length 293: HTTP: GET /read.php?f=0.dat HTTP/1.1 E..M3.@….U…fT.”c…Pa..F..3.P…….GET /read.php?f=0.dat HTTP/1.1 Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */* Accept-Language: […]