Tag Archives: HISTORICAL Malware Sample – TBOT TORNET – Traffic Sample Indicators Analysis

HISTORICAL Malware Sample – TBOT TORNET – Traffic Sample Indicators Analysis

2012-10-07 08:37:05.992015 IP 172.16.253.131.1172 > 216.146.39.70.80: Flags [P.], seq 1:70, ack 1, win 64240, length 69 E..m..@…P…….’F…P..a’..h.P….   ..GET / HTTP/1.1 Host: checkip.dyndns.org Cache-Control: no-cache     2012-10-07 08:37:05.992351 IP 216.146.39.70.80 > 172.16.253.131.1172: Flags [.], ack 70, win 64240, length 0 E..(……….’F…..P….h…alP…^F…….. 2012-10-07 08:37:06.075207 IP 216.146.39.70.80 > 172.16.253.131.1172: Flags [FP.], seq 1:261, ack 70, win 64240,… Read More »

Share Button