Tag Archives: Purplehaze Malware Botnet Doing Click Fraud Traffic Sample

Purplehaze Malware Botnet Doing Click Fraud Traffic Sample

2012-01-30 23:17:47.265333 IP 172.29.0.116.1025 > 75.75.75.75.53: 20155+ A? howtodoitman[.]com. (34) E..>.E…..B…tKKKK…5.*.vN…………howtodoitman[.]com….. 2012-01-30 23:17:47.284888 IP 75.75.75.75.53 > 172.29.0.116.1025: 20155 1/0/0 A 141.136.16.156 (50) E@.N..@.9..7KKKK…t.5…:.FN…………howtodoitman[.]com…………..X…… 2012-01-30 23:17:47.285176 IP 172.29.0.116.1263 > 141.136.16.156.80: Flags [S], seq 1631912176, win 64240, options [mss 1460,nop,nop,sackOK], length 0 E..0.F@……..t…….PaE……p…………… 2012-01-30 23:17:47.423618 IP 141.136.16.156.80 > 172.29.0.116.1263: Flags [S.], seq 1417974632, ack 1631912177, win 65535,… Read More »

Share Button