Fri Jan 13 22:08:15 CET 2017
Automatic analysis of the domains in this capture. Results may be wrong.
Using https://github.com/staaldraad/fastfluxanalysis
FastFlux Analysis Version: 1.0 (2013)

################################
count

################################
dns.msftncsi.com
Qname                    |TTL     |A Records  |Ranges  |ASNs  |Countries  |Nameservers  |
dns.msftncsi.com.        |      14|          1|       1|     1|          1|            0|

---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean

---- Geolocation ----
----  Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
----  Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)

---- URL Analysis ----
Domain: dns.msftncsi.com.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--

################################
trans_id

################################
www.harvard.edu
Qname                    |TTL     |A Records  |Ranges  |ASNs  |Countries  |Nameservers  |
www.harvard.edu.         |    6069|          1|       1|     1|          1|            0|

---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean

---- Geolocation ----

---- URL Analysis ----
Domain: www.harvard.edu.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): DGA
Probability analysis (BIGRAM): DGA
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): DGA
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): DGA
Bayesian analysis (BIGRAM): Benign
--

################################
www.kaust.edu.sa
Qname                    |TTL     |A Records  |Ranges  |ASNs  |Countries  |Nameservers  |
www.kaust.edu.sa.        |    3379|          1|       1|     1|          1|            0|

---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean

---- Geolocation ----
----  Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
----  Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)

---- URL Analysis ----
Domain: www.kaust.edu.sa.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): DGA
Probability analysis (BIGRAM): DGA
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): DGA
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): DGA
Bayesian analysis (BIGRAM): Benign
--

################################
www.msftncsi.com
Qname                    |TTL     |A Records  |Ranges  |ASNs  |Countries  |Nameservers  |
www.msftncsi.com.        |     241|          1|       1|     1|          1|            0|

---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean

---- Geolocation ----

---- URL Analysis ----
Domain: www.msftncsi.com.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): DGA
Probability analysis (BIGRAM): DGA
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): DGA
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): DGA
Bayesian analysis (BIGRAM): Benign
--

################################
www.unfoundation.org
Qname                    |TTL     |A Records  |Ranges  |ASNs  |Countries  |Nameservers  |
www.unfoundation.org.    |     299|          1|       1|     1|          1|            0|

---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean

---- Geolocation ----

---- URL Analysis ----
Domain: www.unfoundation.org.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): DGA
Probability analysis (BIGRAM): DGA
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): DGA
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): DGA
Bayesian analysis (BIGRAM): Benign
--