Skip navigation.
Home

Anyone have a pcap of Conficker.C's P2P behavior?

|

I've got a few .C machines running but for some reason, none of them have exhibited the P2P behavior of this variant. Do any of you have a scrubbed PCAP of this behavior that you would be comfortable sharing?
Thanks,
Rob

Upload of PCAP Conficker.C

I'm new to this site, but do have a pcap of Conficker.C taken over 9 hours on April 1st. Shows outbound highport activity which corresponds to the static/dynamic calculation of UDP/TCP destination ports, based on DIP|date arguments. PM me jetlag73@verizon.net