Index of /publicDatasets/CTU-Malware-Capture-Botnet-148-1

	Name	Last modified	Size	Description
	Parent Directory		-
	bro/	2017-08-31 09:45	-
	2015-10-23_capture-win8.weblogng	2016-06-15 18:05	419
	2015-10-23_capture-win8.capinfos	2015-10-23 12:57	761
	README.md	2015-09-26 13:32	875
	README.html	2017-01-14 17:00	1.2K
	2015-10-23_capture-win8.tcpdstat	2016-12-05 22:27	1.7K
	2015-10-23_capture-win8.json	2015-10-23 12:57	2.1K
	2015-10-23_capture-win8.dnstop	2015-10-23 12:57	2.2K
	fast-flux-dga-first-analysis.txt	2017-01-14 17:00	2.6K
	2015-10-23_capture-win8.passivedns	2015-10-23 12:57	4.1K
	2015-10-23_capture-win8.html	2015-10-23 12:57	352K
	3a03427b49bb2ae0bd2604fe4ded731ba6668f142fc0dc1538bbcef1831fcef5.exe.zip	2015-12-16 10:26	367K
	2015-10-23_capture-win8.rrd	2015-10-23 10:00	8.0M
	2015-10-23_capture-win8.binetflow	2016-07-07 09:19	29M
	2015-10-23_capture-win8.biargus	2016-07-07 09:19	40M
	2015-10-23_capture-win8.pcap	2015-10-23 10:00	47M

Description

• Probable name: Variant.Zusy
• MD5: 2b699579010f0f489903594e86b7e116
  
• SHA1: 3c10c67e0a025f9bcf072c39af877ed6904310b3
  
• SHA256: 3a03427b49bb2ae0bd2604fe4ded731ba6668f142fc0dc1538bbcef1831fcef5
  
• VirusTotal
• HybridAnalysis
• RobotHash

Timeline

Sat Sep 26 13:12:40 CEST 2015

started win8

The proxy of the windows was set to 147.32.83.56:8088 Where mitmdump is running in normal mode.

Sat Sep 26 13:25:04 CEST 2015

uninstall guestadditions

Sat Sep 26 13:25:21 CEST 2015

reboot

Sat Sep 26 13:28:22 CEST 2015

infected