Skip navigation.

Anyone have a pcap of Conficker.C's P2P behavior?


I've got a few .C machines running but for some reason, none of them have exhibited the P2P behavior of this variant. Do any of you have a scrubbed PCAP of this behavior that you would be comfortable sharing?

Upload of PCAP Conficker.C

I'm new to this site, but do have a pcap of Conficker.C taken over 9 hours on April 1st. Shows outbound highport activity which corresponds to the static/dynamic calculation of UDP/TCP destination ports, based on DIP|date arguments. PM me