Category Archives: Malware Traffic Samples

Kaixin Malware Trojan Traffic Analysis Download PCAP Sample

Download Kaixin PCAP Sample : kaixin.pcap

2015-01-02 19:50:37.708348 IP 192.168.138.158.1042 > 119.147.137.128.80: Flags [S], seq 75942973, win 64240, options [mss 1460,nop,nop,sackOK], length 0
E..0..@………w……P…=….p…f………..
2015-01-02 19:50:37.882144 IP 119.147.137.128.80 > 192.168.138.158.1042: Flags [S.], seq 954914802, ack 75942974, win 16384, options [mss 1260,nop,nop,sackOK], length 0
E..0X\..o…w……..P..8……>p.@..y……….
2015-01-02 19:50:37.882622 IP 192.168.138.158.1042 > 119.147.137.128.80: Flags [.], ack 1, win… Read More »


Zemot/Harbinger Rootkit Trojan Downloader Loads Kuluoz/Asprox Malware PCAP Traffic Sample

Download Zemot/Harbinger Kuluoz Trojan Downloader PCAP : zemot.pcap

E..(..@….A…..wi..t.P…… .P….=……..
2014-08-15 09:11:05.358087 IP 172.16.204.128.49268 > 46.119.105.213.80: Flags [P.], seq 1:294, ack 1, win 64240, length 293: HTTP: GET /b/shoe/749634 HTTP/1.1
E..M..@……….wi..t.P…… .P…….GET /b/shoe/749634 HTTP/1.1
Accept: */*
Connection: Close
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152;… Read More »


RARE Zuponcic Exploit Kit Traffic Sample Delivers Adware:SanctionedMedia PCAP Download

Download this rare PCAP : zuponcic

Adware:MSIL/SanctionedMedia is a specific detection used by Microsoft Security Essentials, Windows Defender and other antivirus products to indicate and detect a Potentially Unwanted Program. A potentially unwanted application is a program that contains adware, installs toolbars or has other unclear objectives. Adware:MSIL/SanctionedMedia is technically not a virus, but it does… Read More »


RARE Android Linux OS Smart Phone Malware Fake Security Update : Security.Update.apk PCAP Traffic Download

Download fake security update Security.Update.apk Malware PCAP : android

Since it poses as a security update for Android, it’s highly likely that someone may fall for this trick and choose to install the malware. VIPRE Mobile detects this new variant as Trojan.AndroidOS.NoCom.a. This particular Android Trojan doesn’t reveal itself with bells and whistles upon installation.… Read More »


Infamous DarkComet RAT Remote Access Trojan or Remote Administration Tool PCAP Traffic Sample

Download DarkComet PCAP sample : darkcomet.pcap

DarkComet is a remote access Trojan (RAT) developed by Jean-Pierre Lesueur (known as DarkCoderSc), an independent programmer and computer security coder from France.[1] The developer does not call it a “remote administration Trojan,” but rather a “remote administration tool”. Although the RAT was developed back in… Read More »
