![]() Network traffic detected: HTTP traff ic on port 49799 -> 443 Network traffic detected: HTTP traff ic on port 443 -> 49 798 Network traffic detected: HTTP traff ic on port 443 -> 49 799 HTTP traffic detected: GET /docs/ securesc/h a0ro937gcu c7l7deffks ulhg5h7mbp 1/0bbf1109 0lmqcnv11o h7kschb18u nor6/16381 81725000/0 1591657853 412424088/ */1eLHHSjr PsT_5LmA9s tSGbcgvR_K lZTCv?e=do wnload HTT P/1.1User- Agent: Moz illa/5.0 ( Windows NT 6.1 WOW6 4 Trident /7.0 rv:1 1.0) like GeckoCache -Control: no-cacheHo st: doc-0s -7o-docs.g oogleuserc Connection : Keep-Ali veĭetected TCP or UDP traffic on non-standard ports 0 (Window s NT 6.1 WOW64 Tri dent/7.0 rv:11.0) l ike GeckoH ost: drive. HTTP traffic detected: GET /uc?ex port=downl oad&id=1eL HHSjrPsT_5 LmA9stSGbc gvR_KlZTCv HTTP/1.1U ser-Agent: Mozilla/5. Uses a known web browser user agent for HTTP communication IP address seen in connection with other malware JA3 SSL client fingerprint seen in connection with other malware Internet Provider seen in connection with other malware com/uc?ex port=downl oad&id=1eL HHSjrPsT_5 Lmf Source: Malware co nfiguratio n extracto r C2 URLs / IPs found in malware configuration
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |