Name | Last modified | Size | Description | |
---|---|---|---|---|
Parent Directory | - | |||
bro/ | 2017-08-31 09:45 | - | ||
2016-04-29_win-3.weblogng | 2016-08-01 22:21 | 232 | ||
README.md | 2016-08-01 22:22 | 735 | ||
2016-04-29_win-3.capinfos | 2016-08-01 22:21 | 756 | ||
README.html | 2017-01-13 20:52 | 1.0K | ||
2016-04-29_win-3.passivedns | 2016-08-01 22:19 | 1.3K | ||
2016-04-29_win-3.tcpdstat | 2016-09-03 16:48 | 1.3K | ||
2016-04-29_win-3.dnstop | 2016-08-01 22:19 | 15K | ||
14010ce6f03e0a978693424d60e34ba9.exe.zip | 2016-12-05 21:23 | 30K | ||
fast-flux-dga-first-analysis.txt | 2017-01-13 20:52 | 59K | ||
2016-04-29_win-3.rrd | 2016-07-12 07:31 | 8.0M | ||
2016-04-29_win-3.binetflow | 2016-12-05 22:17 | 55M | ||
2016-04-29_win-3.biargus | 2016-12-05 22:17 | 78M | ||
2016-04-29_win-3.pcap | 2016-05-02 10:18 | 155M | ||
SHA256: 8006cbd1c70b2ed096af9c72d6fef2c3e9cb0a4168540897967e5d3bbb2331bc
RobotHash
started win3
Infected
It is using DGA, and is the fasted DGA I ever saw.