Index of /publicDatasets/CTU-Malware-Capture-Botnet-110-2

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[   ]2014-03-09_capture-win9.biargus2016-12-06 08:09 279K 
[   ]2014-03-09_capture-win9.binetflow2016-12-06 08:09 114K 
[   ]2014-03-09_capture-win9.capinfos2016-12-06 08:09 1.1K 
[   ]2014-03-09_capture-win9.dnstop2016-12-06 08:09 17K 
[TXT]2014-03-09_capture-win9.html2015-04-09 13:35 21M 
[   ]2014-03-09_capture-win9.json2015-04-09 13:35 38M 
[   ]2014-03-09_capture-win9.passivedns2016-12-06 08:09 30K 
[   ]2014-03-09_capture-win9.pcap2017-04-25 09:39 24M 
[   ]2014-03-09_capture-win9.tcpdstat2016-12-06 08:09 1.9K 
[   ]2014-03-09_capture-win9.uniargus2016-12-06 08:09 1.1M 
[   ]2014-03-09_capture-win9.uninetflow2016-12-06 08:09 458K 
[   ]2014-03-09_capture-win9.weblogng2016-06-15 19:03 377K 
[TXT]README.html2017-04-25 09:39 701  
[TXT]README.md2015-06-12 14:32 476  
[DIR]bro/2017-04-25 09:39 -  
[   ]e515267ba19417974a63b51e4f7dd9e9.exe.zip2015-12-16 10:26 39K 
[TXT]fast-flux-dga-first-analysis.txt2017-01-15 16:34 196  

Timeline

Wed Mar 4 15:12:11 CET 2015

started win9

Wed Mar 4 15:14:18 CET 2015

infected

Correctly infected

Mon Mar 9 11:40:09 CET 2015

Some days ago win9 stop sending packets, so I'm rebooting it. Strangely, the vm was stopped!!!! So I have to start it again. Weird. Now we made a new pcap file.

It is still infected.

Mon Mar 9 15:06:07 CET 2015

The server froze. A new capture was started