Tag Archives: ZeroAccess Peer-to-Peer Rootkit Trojan – Loading Click Fraud Module Traffic Sample UDP/16464

ZeroAccess Peer-to-Peer Rootkit Trojan – Loading Click Fraud Module Traffic Sample UDP/16464

2012-10-04 10:27:07.382847 IP 192.168.248.1.51587 > 192.168.248.255.5002: UDP, length 306
E..N….@.V/………….:..DRINETTM……….?………….@……………@miqn.2005-09.com.drobo.host:admins-Mac-Pro.local4ecbf077…………………………………………………………………………………………………………………………………………………………………………………
2012-10-04 10:27:12.421041 IP 192.168.248.1.51587 > 192.168.248.255.5002: UDP, length 306
E..N….@.x:………….:..DRINETTM……….?………….@……………@miqn.2005-09.com.drobo.host:admins-Mac-Pro.local4ecbf077…………………………………………………………………………………………………………………………………………………………………………………
2012-10-04 10:27:15.945104 IP 192.168.248.165.1110 > 8.8.8.8.53: 13107+ A? j.maxmind.com. (31)
E..;.q….p……….V.5.’B.33………..j.maxmind.com…..
2012-10-04 10:27:15.956553 IP 8.8.8.8.53 > 192.168.248.165.1110: 13107 1/0/0 A 108.168.255.244 (47)
E..K…….W………5.V.7′.33………..j.maxmind.com…………./…l…
2012-10-04 10:27:15.975499 IP 192.168.248.165.1111 > 108.168.255.244.80: Flags [S], seq 251996263, win 64240,…
