Tag Archives: APT Like – XTremeRAT – Remote Access Trojan – Port 336 Traffic GET /1234567890.functions

APT Like – XTremeRAT – Remote Access Trojan – Port 336 Traffic GET /1234567890.functions

………PV.z ……)..1…………………. 2013-02-03 19:10:21.612693 IP 172.16.253.131.53 > 8.8.8.8.53: 47611+ A? shittway.zapto.org. (36) E..@……………..5.5.,……………shittway.zapto.org….. 2013-02-03 19:10:21.612755 IP 172.16.253.131.53 > 4.2.2.2.53: 47611+ A? shittway.zapto.org. (36) E..@……………..5.5.,……………shittway.zapto.org….. 2013-02-03 19:10:21.708585 IP 172.16.253.131.1046 > 197.163.56.70.336: Flags [S], seq 2370154844, win 64240, options [mss 1460,nop,nop,sackOK], length 0 E..0..@…S,……8F…P.E.\….p…………… 2013-02-03 19:10:22.114884 IP 172.16.253.131.1046 > 197.163.56.70.336: Flags [.], ack 1045510444, win 64240, length… Read More »

Share Button