SHA256: 142a92b5916f4a11763eaa4a667e501131f41cfbbff0e400680393d1813055dc
File name: ExploitKitTurfWars.pcap
Detection ratio: 0 / 54
Analysis date: 2016-02-16 19:53:06 UTC ( 3 years, 3 months ago )
Intrusion Detection System Result
Snort 18 alerts
Suricata 22 alerts
Antivirus Result Update
Ad-Aware 20160216
AegisLab 20160216
Yandex 20160215
AhnLab-V3 20160216
Alibaba 20160216
ALYac 20160216
Antiy-AVL 20160216
Arcabit 20160216
Avast 20160216
AVG 20160216
Avira (no cloud) 20160216
Baidu-International 20160216
BitDefender 20160216
Bkav 20160215
ByteHero 20160216
CAT-QuickHeal 20160216
ClamAV 20160216
CMC 20160216
Comodo 20160216
Cyren 20160216
DrWeb 20160216
Emsisoft 20160216
ESET-NOD32 20160216
F-Prot 20160216
F-Secure 20160216
Fortinet 20160216
GData 20160216
Ikarus 20160216
Jiangmin 20160216
K7AntiVirus 20160216
K7GW 20160216
Kaspersky 20160216
Malwarebytes 20160216
McAfee 20160216
McAfee-GW-Edition 20160216
Microsoft 20160216
eScan 20160216
NANO-Antivirus 20160216
nProtect 20160216
Panda 20160216
Qihoo-360 20160216
Rising 20160216
Sophos AV 20160216
SUPERAntiSpyware 20160216
Symantec 20160216
Tencent 20160216
TheHacker 20160215
TrendMicro 20160216
TrendMicro-HouseCall 20160216
VBA32 20160216
VIPRE 20160216
ViRobot 20160216
Zillya 20160216
Zoner 20160216
PCAP file! The file being studied is a network traffic capture. When it was analyzed with intrusion detection systems, Snort triggered 18 alerts and Suricata triggered 22 alerts.
Wireshark file metadata
File encapsulation Ethernet
Number of packets 5299
Data size 3425 kB
Start time 2016-02-16 20:13:01
File type Wireshark/tcpdump/... - pcap
End time 2016-02-16 20:19:03
Capture duration 362 seconds
HTTP requests
DNS requests
Snort alerts Sourcefire VRT ruleset
Suricata alerts Emerging Threats ETPro ruleset
File identification
MD5 df055996bdccaf16977cee33ebbb2913
SHA1 70ae05813e03f44ae1481c2df599e5917d7f2b29
SHA256 142a92b5916f4a11763eaa4a667e501131f41cfbbff0e400680393d1813055dc
ssdeep 98304:wirGCBPSI0k6NrYop+FC97h128tOu/nh50qTxCzIr:wPCBuNrzp+FC9F128tbnwqtC6

File size 3.3 MB ( 3510279 bytes )
File type Network capture
Magic literal tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65535)

TrID TCPDUMP's style capture (100.0%)
Tags
malware cap trojan

VirusTotal metadata
First submission 2016-02-16 19:53:06 UTC ( 3 years, 3 months ago )
Last submission 2016-02-16 19:53:06 UTC ( 3 years, 3 months ago )
File names ExploitKitTurfWars.pcap