Vintage Gh0st APT FTP Malware Traffic Sample Download PCAP

2012-08-05 22:50:40.647899 IP 192.168.106.141.1068 > 121.63.150.15.21: Flags [R.], seq 266, ack 1, win 0, length 0E..(.W@…….j.y?…,…..F.J.8P…….2012-08-05 22:50:40.648984 IP 192.168.106.141.1032 > 192.168.106.2.53: 10854+ A? netuser.dns1.us. (33)E..=.X…..w..j…j….5.)..*f………..netuser.dns1.us…..2012-08-05 22:50:40.698458 IP 192.168.106.2.53 > 192.168.106.141.1032: 10854 1/0/0 A 27.22.117.26 (49)E..M……K)..j…j..5…9N.*f………..netuser.dns1.us……………….u.2012-08-05 22:50:40.698958 IP 192.168.106.141.1069 > 27.22.117.26.23: Flags [S], seq 1192051896, win 64240, options [mss 1460,nop,nop,sackOK], length 0E..0.Y@…= ..j…u..-..G.D…..p…<………..2012-08-05 22:50:43.616747 IP 192.168.106.141.1069 … Read more