Index of /publicDatasets/CTU-Malware-Capture-Botnet-162-1

[ICO]        Name                                Last modified     Size  Description

[PARENTDIR]  Parent Directory                                      -
[DIR]        bro/                                2017-08-31 09:45  -
[   ]        2016-05-29_capture-win5.capinfos    2016-05-29 10:49  762
[   ]        2016-05-29_capture-win5.weblogng    2016-06-15 17:38  798
[TXT]        README.md                           2016-05-29 11:32  1.0K
[TXT]        README.html                         2017-01-13 22:08  1.3K
[   ]        2016-05-29_capture-win5.tcpdstat    2016-09-03 16:52  1.9K
[   ]        2016-05-29_capture-win5.dnstop      2016-05-29 10:49  2.4K
[   ]        2016-05-29_capture-win5.passivedns  2016-05-29 10:49  2.5K
[TXT]        fast-flux-dga-first-analysis.txt    2017-01-13 22:08  3.8K
[   ]        8e45ab1536864c8a23591fffc0266e1dab1787845e75ba5f25e0383a9388ec36.exe.zip  2016-05-29 10:47  23K
[   ]        2016-05-29_capture-win5.json        2016-05-29 11:37  147K
[TXT]        2016-05-29_capture-win5.html        2016-05-29 11:37  422K
[   ]        2016-05-29_capture-win5.binetflow   2016-05-29 11:10  442K
[   ]        2016-05-29_capture-win5.biargus     2016-05-29 11:10  1.0M
[   ]        2016-05-29_capture-win5.pcap        2016-05-29 10:38  1.5M
[   ]        2016-05-29_capture-win5.rrd         2016-05-29 10:38  8.0M

Description

Timeline

Sat May 28 13:09:48 CEST 2016

started win5

Sat May 28 13:12:23 CEST 2016

infected

The CC port is not open and the malware keeps connecting for a long time. Summary:

Sun May 29 10:38:11 CEST 2016

poweroff