Tag Archives: Early Dirtjumper botnet performing Click Fraud Adware instead of DDoS Traffic Sample

Early Dirtjumper botnet performing Click Fraud Adware instead of DDoS Traffic Sample

2011-10-03 21:42:49.094609 ARP, Reply 172.16.165.2 is-at 00:50:56:e0:b4:af, length 28 ………PV………)……. 2011-10-03 21:42:49.094710 IP 172.16.165.128.49770 > 172.16.165.2.53: 17008+ A? asdaddddaaaa[.]com. (34) E..>……. ………j.5.*..Bp………..asdaddddaaaa[.]com….. 2011-10-03 21:42:49.109841 IP 172.16.165.2.53 > 172.16.165.128.49770: 17008 1/0/0 A 195.3.145.87 (50) E..N.6……………5.j.:. Bp………..asdaddddaaaa[.]com………………..W 2011-10-03 21:42:49.114307 IP 172.16.165.128.1035 > 195.3.145.87.80: Flags [S], seq 2900643694, win 16384, options [mss 1460,nop,nop,sackOK], length 0 E..0..@…S……..W…P..On….p.@…………. 2011-10-03 21:42:49.232779… Read More »

Share Button