![[ICO]](/icons/blank.gif){kind=icon}
![[PARENTDIR]](/icons/back.gif){kind=icon}
![[DIR]](/icons/folder.gif){kind=icon}
![[TXT]](/icons/text.gif){kind=icon}
![[ ]](/icons/unknown.gif){kind=icon}
| Name | Last modified | Size | Description |
|---|---|---|---|---|
| Parent Directory | - | ||
| bro/ | 2017-08-31 09:45 | - | |
| README.md | 2015-06-15 09:41 | 694 | |
| 2015-06-07_capture-win12.capinfos | 2015-06-14 16:02 | 766 | |
| README.html | 2017-01-14 17:09 | 1.0K | |
| 2015-06-07_capture-win12.tcpdstat | 2016-12-05 22:29 | 1.7K | |
| 2015-06-07_capture-win12.passivedns | 2016-12-05 22:29 | 1.8K | |
| 2015-06-07_capture-win12.dnstop | 2016-12-05 22:29 | 1.9K | |
| fast-flux-dga-first-analysis.txt | 2017-01-14 17:09 | 2.5K | |
| derby.log | 2015-06-14 16:18 | 72K | |
| 2015-06-07_capture-win12.binetflow | 2015-09-17 17:11 | 2.1M | |
| 2015-06-07_capture-win12.json | 2015-06-07 21:02 | 2.3M | |
| 2015-06-07_capture-win12.biargus | 2015-06-14 16:06 | 2.3M | |
| 2015-06-07_capture-win12.html | 2015-06-07 21:02 | 2.6M | |
| 2015-06-07_capture-win12.weblogng | 2016-06-15 19:07 | 4.2M | |
| 2015-06-07_capture-win12.rrd | 2015-06-07 20:42 | 8.0M | |
| 2015-06-07_capture-win12.pcap | 2015-06-07 20:38 | 337M | |
started win12
infected
Worked
I click on yes to open IE by making it the default browser.
At 15.40 today it stopped sending HTTP traffic simulating a connection to Microsoft. The machine is up and running.
poweroff