Tesla TeslaCrypt Ransomware Malware bpcgovyoyo.com POST /101/api.php PCAP File Download Traffic Analysis

46 engines detected this file

2017-11-29 19:41:47.972453 IP 192.168.1.102.50978 > 101.99.69.129.80: Flags [P.], seq 2262608480:2262608969, ack 633486147, win 256, length 489: HTTP: GET /serv/nv4.exe HTTP/1.1
GET /serv/nv4.exe HTTP/1.1
Accept: image/jpeg, …
