Index of /publicDatasets/CTU-Malware-Capture-Botnet-148-1

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[TXT]README.md2015-09-26 13:32 875  
[   ]2015-10-23_capture-win8.pcap2015-10-23 10:00 47M 
[   ]2015-10-23_capture-win8.rrd2015-10-23 10:00 8.0M 
[   ]2015-10-23_capture-win8.dnstop2015-10-23 12:57 2.2K 
[   ]2015-10-23_capture-win8.passivedns2015-10-23 12:57 4.1K 
[   ]2015-10-23_capture-win8.capinfos2015-10-23 12:57 761  
[   ]2015-10-23_capture-win8.json2015-10-23 12:57 2.1K 
[TXT]2015-10-23_capture-win8.html2015-10-23 12:57 352K 
[   ]3a03427b49bb2ae0bd2604fe4ded731ba6668f142fc0dc1538bbcef1831fcef5.exe.zip2015-12-16 10:26 367K 
[   ]2015-10-23_capture-win8.weblogng2016-06-15 18:05 419  
[   ]2015-10-23_capture-win8.biargus2016-07-07 09:19 40M 
[   ]2015-10-23_capture-win8.binetflow2016-07-07 09:19 29M 
[   ]2015-10-23_capture-win8.tcpdstat2016-12-05 22:27 1.7K 
[TXT]fast-flux-dga-first-analysis.txt2017-01-14 17:00 2.6K 
[TXT]README.html2017-01-14 17:00 1.2K 
[DIR]bro/2017-08-31 09:45 -  

Description

Timeline

Sat Sep 26 13:12:40 CEST 2015

started win8

The proxy of the windows was set to 147.32.83.56:8088 Where mitmdump is running in normal mode.

Sat Sep 26 13:25:04 CEST 2015

uninstall guestadditions

Sat Sep 26 13:25:21 CEST 2015

reboot

Sat Sep 26 13:28:22 CEST 2015

infected