Tag Archives: HISTORICAL Malware Sample – Kelihos – Traffic Sample Indicators Analysis

HISTORICAL Malware Sample – Kelihos – Traffic Sample Indicators Analysis

2013-02-03 20:35:15.922405 IP 172.16.253.132.1416 > 176.8.210.229.80: Flags [F.], seq 1, ack 1, win 64240, length 0
E..(.^M@….?………..P..t!ZZ..P…….
2013-02-03 20:35:15.922525 IP 176.8.210.229.80 > 172.16.253.132.1416: Flags [.], ack 2, win 64239, length 0
E..(……5……….P..ZZ….t”P………….
2013-02-03 20:35:15.971042 IP 172.16.253.132.1417 > 94.154.224.58.80: Flags [S], seq 2079267976, win 64240, options [mss 1460,nop,nop,sackOK], length 0
E..0..@….P….^..:…P{…….p….t……….
2013-02-03 20:35:16.243353 IP 176.8.210.229.80 >…
