Index of /publicDatasets/CTU-Malware-Capture-Botnet-122-1

[ICO]        Name                                       Last modified      Size  Description

[PARENTDIR]  Parent Directory                                              -
[   ]        7cd95f1500289d4ba938169610060de0.exe.zip   2015-12-16 10:26   165K
[   ]        2015-04-22_capture-win6.biargus            2016-05-29 13:40   3.0M
[   ]        2015-04-22_capture-win6.binetflow          2016-05-29 13:40   1.3M
[   ]        2015-04-22_capture-win6.capinfos           2016-05-29 13:36   761
[   ]        2015-04-22_capture-win6.dnstop             2016-05-29 13:36   1.6K
[TXT]        2015-04-22_capture-win6.html               2015-04-22 11:32   506K
[   ]        2015-04-22_capture-win6.json               2015-04-22 11:32   329K
[   ]        2015-04-22_capture-win6.passivedns         2016-05-29 13:36   1.3K
[   ]        2015-04-22_capture-win6.pcap               2015-04-22 09:23   5.0M
[   ]        2015-04-22_capture-win6.rrd                2015-04-22 09:29   8.0M
[   ]        2015-04-22_capture-win6.tcpdstat           2016-12-05 22:30   1.7K
[   ]        2015-04-22_capture-win6.uniargus           2016-12-05 22:30   7.6M
[   ]        2015-04-22_capture-win6.uninetflow         2016-12-05 22:30   3.1M
[   ]        2015-04-22_capture-win6.weblogng           2016-06-15 19:07   2.5K
[TXT]        README.html                                2017-01-15 13:04   1.2K
[TXT]        README.md                                  2016-05-29 13:47   926
[DIR]        bro/                                       2017-08-31 09:45   -
[TXT]        fast-flux-dga-first-analysis.txt           2017-01-15 13:04   1.6K

Description

Timeline

Wed Apr 15 14:34:25 CEST 2015

started win6

Wed Apr 15 14:35:14 CEST 2015

Perfectly infected (there was some fake error on Adobe not reading something). Contacted IPs on port 8080. So far not answering.

At some point it starts answering.

Wed Apr 22 09:25:43 CEST 2015

poweroff