Tag Archives: LURK0 Remote Access Trojan Malware Traffic Sample Hard to Detect – port 9494

LURK0 Remote Access Trojan Malware Traffic Sample Hard to Detect – port 9494

2012-10-07 02:59:50.712242 IP 172.16.253.132.1083 > 216.176.190.44.9494: Flags [P.], seq 1:152, ack 1, win 64240, length 151 E….|@….J…….,.;%…..Z…P…q…LURK0……..x.kf.e.apgpbpa0c..#…….. L.>…!`1..f.rF…….$..#…. ………..fHe(b(c.dH………l ..:..r..”…!..P ….v…V`z0d0`0…/.T…..g.) 2012-10-07 02:59:50.712552 IP 216.176.190.44.9494 > 172.16.253.132.1083: Flags [.], ack 152, win 64240, length 0 E..(0y………,….%..;Z…….P…………. 2012-10-07 02:59:51.262392 IP 216.176.190.44.9494 > 172.16.253.132.1083: Flags [P.], seq 1:23, ack 152, win 64240, length 22 E..>0z………,….%..;Z…….P…….LURK0……..x.c…… 2012-10-07 02:59:51.363241… Read More »

Share Button