Index of /publicDatasets/CTU-Malware-Capture-Botnet-164-1

Name                                       Last modified      Size

2015-07-01_winnormal2.biargus              2016-12-05 22:20   2.7G
2015-07-01_winnormal2.binetflow            2016-12-05 22:25   2.2G
2015-07-01_winnormal2.capinfos             2016-07-01 20:44   0
2015-07-01_winnormal2.dnstop               2016-07-01 20:09   22K
2015-07-01_winnormal2.html                 2016-07-04 07:18   283M
2015-07-01_winnormal2.json                 2016-07-04 07:18   585M
2015-07-01_winnormal2.netflow5             2016-11-05 02:11   2.4G
2015-07-01_winnormal2.passivedns           2016-07-01 20:11   2.1M
2015-07-01_winnormal2.pcap                 2016-06-22 22:04   12G
2015-07-01_winnormal2.rrd                  2016-07-01 20:06   8.0M
2015-07-01_winnormal2.tcpdstat             2016-09-03 16:50   2.1K
2015-07-01_winnormal2.uniargus             2016-10-11 19:58   3.5G
2015-07-01_winnormal2.uninetflow           2016-10-11 20:06   2.7G
2015-07-01_winnormal2.weblogng             2016-07-01 20:46   4.0M
README.html                                2017-01-13 22:08   1.8K
README.md                                  2016-07-01 21:04   1.2K
bro/                                       2017-08-31 09:45   -
c5d81a096cbc34edd0046e33cffbe070.exe.zip   2016-07-01 20:05   157K
fast-flux-dga-first-analysis.txt           2017-01-13 22:08   16M

Description

Timeline

Sat Mar 19 18:56:07 CET 2016

Started win normal 2

Sat Mar 19 18:57:11 CET 2016

Opened Google Chrome

Sat Mar 19 19:00:32 CET 2016

Searched "test page for me" in Google

Sat Mar 19 19:01:11 CET 2016

Accessed a link in www.linkedin.com normally

Sat Mar 19 19:02:03 CET 2016

Infected

Sat Mar 19 19:05:14 CET 2016

I reopened the Chrome browser because it was closed

Tue Mar 22 15:47:21 CET 2016

Started the mail sink daemon

Fri Jul 1 19:53:49 CEST 2016

Rebooted because it has not been sending packets since 2016 May 20

Fri Jul 1 20:04:22 CEST 2016

Poweroff