BotHunter ®
  Cyber-TA Internet Release
  Computer Science Laboratory
  SRI International


  SAMPLE NAME:    Kraken_1_botHunter.txt
  Last Updated: Tue Dec 29 13:38:09 2009
www.BOTHUNTER.net


Victim IP: 192.168.184.128
Max Score: 1.0
Profiles: 1
CCs:
  • 207.10.232.21 Country: United States (Us), City: (Unknown City).
  • 66.29.58.119 Country: United States (Us), City: (Unknown City).
  • 69.41.162.77 (Www.Goldsgym.Com.162.41.69.In-Addr.Arpa), Country: United States (Us), City: (Unknown City).
Events:
  • 1:2008104 {udp} C&C Communication: ET TROJAN Bobax/Kraken/Oderoor UDP 447 CnC Channel Initial Packet Outbound; 1043->447
  • 1:2008104 {udp} C&C Communication: ET TROJAN Bobax/Kraken/Oderoor UDP 447 CnC Channel Initial Packet Outbound; 1047->447
  • 1:2008104 {udp} C&C Communication: ET TROJAN Bobax/Kraken/Oderoor UDP 447 CnC Channel Initial Packet Outbound; 1051->447
  • 777:7777005 (4) {tcp} Outbound Scan: Detected moderate malware port scanning of 9 IPs (6 /24s) (# pkts S/M/O/I=1/57/12/4): 137u:47, 138u:10