Index of /publicDatasets/CTU-Malware-Capture-Botnet-168-2

| Name | Last modified | Size |
|---|---|---|
| Parent Directory | | - |
| mitm.out | 2016-08-11 17:56 | 256M |
| 2016-08-03_win-1.rrd | 2016-08-11 23:59 | 8.0M |
| 2016-08-03_win-1.pcap | 2016-08-11 23:59 | 364M |
| 2016-08-03_win-1.dnstop | 2016-08-15 20:44 | 19K |
| 2016-08-03_win-1.passivedns | 2016-08-15 20:44 | 29K |
| 2016-08-03_win-1.capinfos | 2016-08-15 20:46 | 757 |
| 2016-08-03_win-1.weblogng | 2016-08-15 20:46 | 21M |
| 2016-08-03_win-1.biargus | 2016-08-15 20:46 | 134M |
| 2016-08-03_win-1.binetflow | 2016-08-15 20:46 | 137M |
| be8797e324da219fedf06732347c4993.exe.zip | 2016-08-15 20:50 | 100K |
| README.md | 2016-08-15 20:50 | 1.6K |
| 2016-08-03_win-1.json | 2016-08-16 01:26 | 29M |
| 2016-08-03_win-1.html | 2016-08-16 01:26 | 26M |
| 2016-08-03_win-1.tcpdstat | 2016-09-03 16:47 | 2.0K |
| 2016-08-03_win-1.weblog | 2016-09-07 15:08 | 19M |
| 2016-08-03_win-1.mitm.weblog | 2016-12-06 08:06 | 21M |
| fast-flux-dga-first-analysis.txt | 2017-01-15 16:20 | 31K |
| README.html | 2017-01-15 16:28 | 2.1K |
| bro/ | 2017-08-31 09:45 | - |

Description

Files

IP Addresses

- Infected host: 192.168.1.110
- Default GW: 192.168.1.2

Timeline

Wed Aug 3 11:59:06 CEST 2016

started win1 already infected with be8797e324da219fedf06732347c4993.exe

Fri Aug 12 13:00:00 CEST 2016 approx

power off