SHA256: 28a1210ecaac245e28be041fd8e80ddfc3d90d96035a675e9524ca547316b7c4
File name: 2017-01-06-Sundown-EK-sends-Terdot.A-Zloader.pcap
Detection ratio: 1 / 55
Analysis date: 2017-01-12 17:07:09 UTC
Intrusion Detection System Result
Snort 6 alerts
Suricata 22 alerts
Antivirus / Result / Update (a result of "none" means the engine did not flag the file)
CAT-QuickHeal / HTML.Agent.GC / 20170112
Ad-Aware / none / 20170112
AegisLab / none / 20170112
AhnLab-V3 / none / 20170112
Alibaba / none / 20170112
ALYac / none / 20170112
Antiy-AVL / none / 20170112
Arcabit / none / 20170112
Avast / none / 20170112
AVG / none / 20170112
Avira (no cloud) / none / 20170112
AVware / none / 20170112
Baidu / none / 20170112
BitDefender / none / 20170112
Bkav / none / 20170112
ClamAV / none / 20170112
CMC / none / 20170112
Comodo / none / 20170112
CrowdStrike Falcon (ML) / none / 20161024
Cyren / none / 20170112
DrWeb / none / 20170112
Emsisoft / none / 20170112
ESET-NOD32 / none / 20170112
F-Prot / none / 20170112
F-Secure / none / 20170112
Fortinet / none / 20170112
GData / none / 20170112
Ikarus / none / 20170112
Sophos ML / none / 20170111
Jiangmin / none / 20170112
K7AntiVirus / none / 20170112
K7GW / none / 20170112
Kaspersky / none / 20170112
Kingsoft / none / 20170112
Malwarebytes / none / 20170112
McAfee / none / 20170108
McAfee-GW-Edition / none / 20170112
Microsoft / none / 20170112
eScan / none / 20170112
NANO-Antivirus / none / 20170112
nProtect / none / 20170112
Panda / none / 20170112
Qihoo-360 / none / 20170112
Rising / none / 20170112
Sophos AV / none / 20170112
SUPERAntiSpyware / none / 20170112
Symantec / none / 20170111
Tencent / none / 20170112
TheHacker / none / 20170111
TrendMicro / none / 20170112
TrendMicro-HouseCall / none / 20170112
Trustlook / none / 20170112
VBA32 / none / 20170112
VIPRE / none / 20170112
ViRobot / none / 20170112
WhiteArmor / none / 20170111
Yandex / none / 20170111
Zillya / none / 20170112
Zoner / none / 20170112
PCAP file. The file studied is a network traffic capture, not an executable, so the antivirus verdicts above say little about it; when the capture was replayed through intrusion detection systems, Snort triggered 6 alerts and Suricata triggered 22 alerts.
Wireshark file metadata
File type: Wireshark/tcpdump/... - pcap
File encapsulation: Ethernet
Number of packets: 886
Data size: 964 kB
Start time: 2017-01-06 20:54:48
End time: 2017-01-06 20:55:18
Capture duration: 30 seconds
HTTP requests
Snort alerts (Sourcefire VRT ruleset): 6
Suricata alerts (Emerging Threats ETPro ruleset): 22
File identification
MD5: 7f6053f0a5a1707333e5dc121ec564e8
SHA1: b67749bb417b5be53e28d1c4875ec9ab0794d6b3
SHA256: 28a1210ecaac245e28be041fd8e80ddfc3d90d96035a675e9524ca547316b7c4
ssdeep: 24576:vPkIGAimDgzcsFnQeRawwZ5vHQsAR+PPp:dNDcZKwY9Qsx
File size: 955.5 KB (978479 bytes)
File type: Network capture
Magic literal: tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65535)
TrID: TCPDUMP's style capture (100.0%)
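The "Magic literal" line and the "Wireshark file metadata" block above are both derived from the same 24-byte libpcap global header and the 16-byte record headers that follow it. The script below, an added example that is not code from this page nor from Wireshark or libpcap, parses that layout directly: it detects byte order from the magic, reads version, link type and snaplen, walks every record with bounds checks, and reports packet count, data size, start/end time and duration the way the report does. The capture it runs on is constructed in the script (zero-filled frames with timestamps chosen to mirror the report's 30-second window); it is not the Terdot/Zloader traffic, and the link-type name table covers only the few values used here. It also checks an invariant a triage analyst can apply to the report's own numbers: file size = 24 + 16 * packets + data size, which for 978479 bytes and 886 packets gives 964279 bytes, the "964 kB" shown.

```python
"""Minimal classic-pcap (libpcap) parser producing Wireshark-style file metadata.

Added example, not part of the VirusTotal page or of Wireshark/libpcap.
The sample capture built at the bottom is constructed, not real traffic.
"""
import struct
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional, Tuple

MAGIC_USEC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
MAGIC_NSEC = 0xA1B23C4D   # pcap variant with nanosecond timestamps
LINKTYPES = {1: "Ethernet", 101: "Raw IP", 113: "Linux cooked (SLL)"}  # partial table (assumption)
GLOBAL_HDR = 24           # bytes: magic, major, minor, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = 16           # bytes: ts_sec, ts_frac, incl_len, orig_len


@dataclass
class PcapSummary:
    byte_order: str             # "little-endian" or "big-endian", decided by the magic
    version: str                # "major.minor"; 2.4 for every modern writer
    encapsulation: str          # link-layer type name
    snaplen: int                # the "capture length" in the report's magic literal
    packets: int
    data_size: int              # sum of captured bytes (Wireshark's "Data size")
    start_time: Optional[datetime]
    end_time: Optional[datetime]

    @property
    def duration_seconds(self) -> float:
        if self.start_time is None or self.end_time is None:
            return 0.0
        return (self.end_time - self.start_time).total_seconds()


def parse_pcap(data: bytes) -> PcapSummary:
    """Parse the global header and every record; raise ValueError on malformed input."""
    if len(data) < GLOBAL_HDR:
        raise ValueError("truncated pcap: global header is 24 bytes")
    magic_le = struct.unpack_from("<I", data)[0]
    magic_be = struct.unpack_from(">I", data)[0]
    if magic_le in (MAGIC_USEC, MAGIC_NSEC):
        endian, magic, byte_order = "<", magic_le, "little-endian"
    elif magic_be in (MAGIC_USEC, MAGIC_NSEC):
        endian, magic, byte_order = ">", magic_be, "big-endian"
    else:
        # pcapng starts 0a 0d 0d 0a and needs a block-based parser instead
        raise ValueError(f"not a classic pcap file (magic {data[:4].hex()})")
    vmaj, vmin, _tz, _sigfigs, snaplen, linktype = struct.unpack_from(endian + "HHiIII", data, 4)
    frac_div = 1 if magic == MAGIC_USEC else 1000   # nanosecond files: scale to microseconds

    packets = data_size = 0
    first = last = None
    off = GLOBAL_HDR
    while off < len(data):
        if off + RECORD_HDR > len(data):
            raise ValueError(f"record {packets}: truncated record header at offset {off}")
        ts_sec, ts_frac, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, off)
        if incl_len > snaplen or incl_len > orig_len:
            raise ValueError(f"record {packets}: incl_len {incl_len} exceeds snaplen or orig_len")
        off += RECORD_HDR
        if off + incl_len > len(data):
            raise ValueError(f"record {packets}: packet data truncated at offset {off}")
        off += incl_len
        ts = datetime.fromtimestamp(ts_sec, timezone.utc) + timedelta(microseconds=ts_frac // frac_div)
        first = ts if first is None else first
        last = ts
        packets += 1
        data_size += incl_len

    return PcapSummary(byte_order, f"{vmaj}.{vmin}", LINKTYPES.get(linktype, f"linktype {linktype}"),
                       snaplen, packets, data_size, first, last)


def is_pcap(data: bytes) -> bool:
    """True only if the whole file parses cleanly (magic, header and every record)."""
    try:
        parse_pcap(data)
        return True
    except ValueError:
        return False


def size_ties_out(file_size: int, s: PcapSummary) -> bool:
    """Cross-check of the report's fields: size == 24 + 16 * packets + data size."""
    return file_size == GLOBAL_HDR + RECORD_HDR * s.packets + s.data_size


def build_sample_pcap(packets: List[Tuple[float, bytes]], endian: str = "<",
                      snaplen: int = 65535) -> bytes:
    """Constructed capture for the demo: version 2.4, Ethernet, no truncated frames."""
    out = struct.pack(endian + "IHHiIII", MAGIC_USEC, 2, 4, 0, 0, snaplen, 1)
    for ts, frame in packets:
        sec = int(ts)
        usec = int(round((ts - sec) * 1_000_000))
        out += struct.pack(endian + "IIII", sec, usec, len(frame), len(frame)) + frame
    return out


# Constructed frames (zero-filled, not real traffic). First timestamp is
# 2017-01-06 20:54:48 UTC and the last is 30 s later, mirroring the report.
T0 = 1483736088
SAMPLE_PACKETS = [
    (T0 + 0.0, b"\x00" * 60),
    (T0 + 0.25, b"\x00" * 1514),
    (T0 + 30.0, b"\x00" * 100),
]

if __name__ == "__main__":
    blob = build_sample_pcap(SAMPLE_PACKETS)
    summary = parse_pcap(blob)
    print(summary)
    print("duration:", summary.duration_seconds, "s; size ties out:", size_ties_out(len(blob), summary))
```

Timestamps are rendered in UTC; Wireshark shows them in the local zone of the machine running it, so a start time that disagrees with the report by a whole number of hours is a display difference, not a different file. A record whose incl_len exceeds snaplen or orig_len, or that runs past end of file, is rejected rather than skipped: a capture handed over for analysis should parse completely, and one that does not is worth a second look before it is fed to Snort or Suricata.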
Tags: malware, cap, trojan
VirusTotal metadata
First submission: 2017-01-11 20:22:59 UTC
Last submission: 2017-01-12 17:07:09 UTC
File names: 2017-01-06-Sundown-EK-sends-Terdot.A-Zloader.pcap