Name | Last modified | Size | Description | |
---|---|---|---|---|
Parent Directory | - | |||
bro/ | 2017-08-31 09:45 | - | ||
2016-08-03_win4.capinfos | 2016-09-03 11:12 | 1.1K | ||
README.md | 2017-05-30 15:13 | 1.7K | ||
2016-08-03_win4.tcpdstat | 2016-09-03 16:46 | 2.1K | ||
README.html | 2017-05-30 15:13 | 2.3K | ||
domains-requested.md | 2017-06-29 17:08 | 7.0K | ||
2016-08-03_win4.dnstop | 2016-09-03 11:11 | 25K | ||
e12a2c2b633ac12cec3e0d32950dcd5011d2aba4a9b95506c0fd3913446d7c22_miuref.exe.zip | 2016-09-03 11:09 | 87K | ||
2016-08-03_win4.passivedns | 2016-09-03 11:11 | 355K | ||
2016-08-03_win4.netflow5 | 2016-11-04 15:14 | 3.4M | ||
2016-08-03_win4.weblogng | 2016-09-03 11:12 | 5.8M | ||
2016-08-03_win4.rrd | 2016-08-11 23:59 | 8.0M | ||
2016-08-03_win4.biargus | 2016-09-03 11:12 | 23M | ||
2016-08-03_win4.binetflow | 2016-09-03 11:12 | 24M | ||
2016-08-03_win4.html | 2016-09-03 11:14 | 84M | ||
2016-08-03_win4.json | 2016-09-03 11:14 | 139M | ||
2016-08-03_win4.pcap | 2016-08-11 23:59 | 211M | ||
Duration: 8.13 days
RobotHash
- Infected host: 192.168.1.114
- Default GW: 192.168.1.2
started win4
infected
power off
The malware connects to servers using the port 443/TCP, but the traffic is not TLS or SSL.