![[ICO]](/icons/blank.gif){kind=icon}
![[PARENTDIR]](/icons/back.gif){kind=icon}
![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/folder.gif){kind=icon}
![[ ]](/icons/unknown.gif){kind=icon}
![[ ]](/icons/compressed.gif){kind=icon}
| Name | Last modified | Size | Description |
|---|---|---|---|---|
| Parent Directory | - | ||
| fast-flux-dga-first-analysis.txt | 2017-01-15 13:04 | 1.6K | |
| bro/ | 2017-08-31 09:45 | - | |
| README.md | 2016-05-29 13:47 | 926 | |
| README.html | 2017-01-15 13:04 | 1.2K | |
| 2015-04-22_capture-win6.weblogng | 2016-06-15 19:07 | 2.5K | |
| 2015-04-22_capture-win6.tcpdstat | 2016-12-05 22:30 | 1.7K | |
| 2015-04-22_capture-win6.rrd | 2015-04-22 09:29 | 8.0M | |
| 2015-04-22_capture-win6.pcap | 2015-04-22 09:23 | 5.0M | |
| 2015-04-22_capture-win6.passivedns | 2016-05-29 13:36 | 1.3K | |
| 2015-04-22_capture-win6.json | 2015-04-22 11:32 | 329K | |
| 2015-04-22_capture-win6.html | 2015-04-22 11:32 | 506K | |
| 2015-04-22_capture-win6.dnstop | 2016-05-29 13:36 | 1.6K | |
| 2015-04-22_capture-win6.capinfos | 2016-05-29 13:36 | 761 | |
| 2015-04-22_capture-win6.binetflow | 2016-05-29 13:40 | 1.3M | |
| 2015-04-22_capture-win6.biargus | 2016-05-29 13:40 | 3.0M | |
| 7cd95f1500289d4ba938169610060de0.exe.zip | 2015-12-16 10:26 | 165K | |
IP of infected host: 10.0.2.106
RobotHash
started win6
Perfectly infected (there was some fake error on adobe not reading something). Contacted ips on port 8080. so far non answering
At some point it start answering
poweroff