Index of /publicDatasets/CTU-Malware-Capture-Botnet-129-1

[ICO]NameLast modifiedSizeDescription
[PARENTDIR]Parent Directory  -  
[TXT]fast-flux-dga-first-analysis.txt2017-01-14 17:09 3.8K 
[ ]fa19abacc73cc09ae00ae234ed6189ed72db64b187664484637f139964cb58b9.exe.zip2015-12-16 10:26 19K 
[DIR]bro/2017-08-31 09:45 -  
[TXT]README.md2015-07-07 21:25 559  
[TXT]README.html2017-01-14 17:09 746  
[ ]2015-06-30_capture-win20.weblogng2016-06-15 19:06 792  
[ ]2015-06-30_capture-win20.tcpdstat2016-12-05 22:29 1.9K 
[ ]2015-06-30_capture-win20.rrd2015-07-07 15:16 8.0M 
[ ]2015-06-30_capture-win20.pcap2015-07-07 15:07 2.3M 
[ ]2015-06-30_capture-win20.passivedns2015-08-28 21:10 2.5K 
[ ]2015-06-30_capture-win20.json2015-07-07 21:45 153K 
[TXT]2015-06-30_capture-win20.html2015-07-07 21:45 433K 
[ ]2015-06-30_capture-win20.dnstop2015-08-28 21:10 2.4K 
[ ]2015-06-30_capture-win20.capinfos2015-07-07 21:25 763  
[ ]2015-06-30_capture-win20.binetflow2015-10-15 16:14 128K 
[ ]2015-06-30_capture-win20.biargus2015-10-15 16:14 113K 

Timeline

Tue Jun 30 15:29:29 CEST 2015

started win20

Tue Jun 30 15:46:39 CEST 2015 infected

It was infected successfully and it connected to some TLS ports and non known ports.

For 7 days it did nothing more. We are not sure why not.

Tue Jul 7 15:11:49 CEST 2015

poweroff