Name | Last modified | Size | Description | |
---|---|---|---|---|
Parent Directory | - | |||
6f192c38d24c17ddd0d4de60b12ae2e2.exe.zip | 2015-12-16 10:26 | 51K | ||
2015-03-09_capture_win3.biargus | 2016-12-05 22:31 | 17M | ||
2015-03-09_capture_win3.binetflow | 2016-12-05 22:31 | 6.3M | ||
2015-03-09_capture_win3.capinfos | 2015-06-24 14:52 | 760 | ||
2015-03-09_capture_win3.dnstop | 2016-12-05 22:31 | 1.6K | ||
2015-03-09_capture_win3.html | 2015-06-24 14:58 | 10M | ||
2015-03-09_capture_win3.json | 2015-06-24 14:58 | 6.5M | ||
2015-03-09_capture_win3.passivedns | 2016-12-05 22:31 | 1.4K | ||
2015-03-09_capture_win3.pcap | 2015-03-09 14:19 | 22M | ||
2015-03-09_capture_win3.tcpdstat | 2016-12-05 22:31 | 1.7K | ||
2015-03-09_capture_win3.weblogng | 2016-06-15 17:43 | 797K | ||
README.html | 2017-01-15 13:04 | 652 | ||
README.md | 2015-06-24 14:51 | 457 | ||
bro/ | 2017-08-31 09:45 | - | ||
fast-flux-dga-first-analysis.txt | 2017-01-15 13:04 | 1.6K | ||
started win3
Infected
It was perfectly infected, seding probably encrypted post requests.
The server computer froze and I have to restart the capture.