Fri Nov 21 10:10:10 CET 2014
started win5


Fri Nov 21 10:16:18 CET 2014
infected with
/opt/Malware-Project/malware-to-test/shared-folder/43ecaeb983683f57af842c8993e242e6.exe

Some domains are sinkholed (note the X-Sinkhole: malware-sinkhole response header for taskshowerreaction.com):
04:16:34.888839 tcp 10.0.2.105 49654    -> 166.78.144.80 80 SPA_FSPA 9 1392  s[120]=POST /login.php?ost=rMpIoDYMQ&lyhf=13756155&osux=55882053 HTTP/1.1..Content-Type: application/x-www-form-urlencoded..Use d[120]=HTTP/1.1 200 OK..Date: Mon, 24 Nov 2014 12:45:45 GMT..Server: Apache/2.2.20 (Ubuntu)..X-Sinkhole: malware-sinkhole..Vary s[300]=POST /login.php?ost=rMpIoDYMQ&lyhf=13756155&osux=55882053 HTTP/1.1..Content-Type: application/x-www-form-urlencoded..User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.0; .NET CLR 1.0.2914)..Host: taskshowerreaction.com..Content-Length: 355..Connection: Keep-Alive..Cache-Control: no-cache. d[232]=HTTP/1.1 200 OK..Date: Mon, 24 Nov 2014 12:45:45 GMT..Server: Apache/2.2.20 (Ubuntu)..X-Sinkhole: malware-sinkhole..Vary: Accept-Encoding..Content-Length: 0..Keep-Alive: timeout=1..Connection: Keep-Alive..Content-Type: text/html....

