Index of /publicDatasets/CTU-Malware-Capture-Botnet-128-1

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[TXT]fast-flux-dga-first-analysis.txt2017-01-14 17:09 2.5K 
[   ]derby.log2015-06-14 16:18 72K 
[DIR]bro/2017-08-31 09:45 -  
[TXT]README.md2015-06-15 09:41 694  
[TXT]README.html2017-01-14 17:09 1.0K 
[   ]2015-06-07_capture-win12.weblogng2016-06-15 19:07 4.2M 
[   ]2015-06-07_capture-win12.tcpdstat2016-12-05 22:29 1.7K 
[   ]2015-06-07_capture-win12.rrd2015-06-07 20:42 8.0M 
[   ]2015-06-07_capture-win12.pcap2015-06-07 20:38 337M 
[   ]2015-06-07_capture-win12.passivedns2016-12-05 22:29 1.8K 
[   ]2015-06-07_capture-win12.json2015-06-07 21:02 2.3M 
[TXT]2015-06-07_capture-win12.html2015-06-07 21:02 2.6M 
[   ]2015-06-07_capture-win12.dnstop2016-12-05 22:29 1.9K 
[   ]2015-06-07_capture-win12.capinfos2015-06-14 16:02 766  
[   ]2015-06-07_capture-win12.binetflow2015-09-17 17:11 2.1M 
[   ]2015-06-07_capture-win12.biargus2015-06-14 16:06 2.3M 

Timeline

Mon Jun 1 21:26:32 CEST 2015

started win12

Mon Jun 1 21:28:34 CEST 2015

infected

Worked

Tue Jun 2 08:59:05 CEST 2015

I click on yes to open IE by making it the default browser.

Wed Jun 3 16:37:52 CEST 2015

At 15.40 today it stopped sending HTTP traffic simulating a connection to Microsoft. The machine is up and running.

Sun Jun 7 20:41:22 CEST 2015

poweroff