Looks like this piece of Windows malware: <a href="https://malwr.com/analysis/NDI4YmUxNjM0ZTUwNDY0OWFhNjM3YzFiZmY1YmQ4ZDU/" rel="nofollow">https://malwr.com/analysis/NDI4YmUxNjM0ZTUwNDY0OWFhNjM3YzFiZ...</a><p>It uses a data file called AF.dat and connect to bittorrent.
i'm pretty sure the most popular torrent in the DHT doesnt have 644 downloads in the last week.<p>this must be measuring downloads/hits from btdigg.org (only), so someone is linking directly to it and relying on them to jump clients into the DHT perhaps?
For the curious, the magnet link is: magnet:?xt=urn:btih:a4a75d2e4095d457467777673e96cd331575b511&dn=AF<p>file(1) has nothing to say about it but at a glance it doesn't look like a uniform encrypted blob...
That whole list is kind of fascinating. Interesting to see the movies and shows that are particularly popular when it comes to piracy (Marvel, Marvel, Marvel...)
I'm going to guess at a password database of some kind, perhaps a "rainbow table". There seem to be frequent occurrences of long strings of the alphabet. Byte value counts are almost equal.
There's another curious entry too, "x86", with filenames consisting of a random collection of unzipping .dlls and other weird stuff... Why would anyone want to torrent such a seemingly useless collection of random files?