Tag Archives: MALWARE – Sality – Historical Traffic Sample User-Agent: KUKU

MALWARE – Sality – Historical Traffic Sample User-Agent: KUKU

2013-02-03 17:24:12.573644 IP 172.16.253.129.1051 > 97.74.182.1.80: Flags [P.], seq 1:135, ack 1, win 64240, length 134 E….S@…9…..aJ…..Pt…OR.LP…….GET /mainh.gif?114ce4=11337960 HTTP/1.1 User-Agent: KUKU v5.06exp =9355466431 Host: www.livelife-eg.com Cache-Control: no-cache     2013-02-03 17:24:12.576583 IP 97.74.182.1.80 > 172.16.253.129.1051: Flags [.], ack 135, win 64240, length 0 E..(……z.aJ…….P..OR.Lt..@P…………. 2013-02-03 17:24:12.623503 IP 4.2.2.2.53 > 172.16.253.129.53: 64245 2/0/0 CNAME livelife-eg.com., A… Read More »

Share Button