XtremeRat APT Implant Remote Access Trojan Traffic Sample Download PCAP

By | January 29, 2016

Download full PCAP traffic sample : xtremerat.pcap

1970-01-01 -4:-59:-3.627690 IP 10.0.2.15.1050 > 189.75.20.224.81: Flags [P.], seq 1:298, ack 1, win 64240, length 297
E..Q.|@…..
….K…..Q…..L,.P…….GET /1234567890.functions HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: pokemom2015.no-ip.org:81
Connection: Keep-Alive
Cache-Control: no-cache

Share Button