![[ICO]](/icons/blank.gif){kind=icon}
![[PARENTDIR]](/icons/back.gif){kind=icon}
![[ ]](/icons/unknown.gif){kind=icon}
![[TXT]](/icons/text.gif){kind=icon}
![[ ]](/icons/compressed.gif){kind=icon}
![[DIR]](/icons/folder.gif){kind=icon}
| Name | Last modified | Size | Description |
|---|---|---|---|---|
| Parent Directory | - | ||
| 2013-09-09_capture-win18.biargus | 2016-08-27 22:07 | 768K | |
| 2013-09-09_capture-win18.binetflow | 2016-08-27 22:07 | 796K | |
| 2013-09-09_capture-win18.capinfos | 2016-08-27 21:53 | 1.1K | |
| 2013-09-09_capture-win18.dnstop | 2016-08-27 21:53 | 6.0K | |
| 2013-09-09_capture-win18.html | 2016-08-27 22:02 | 255M | |
| 2013-09-09_capture-win18.json | 2016-08-27 22:02 | 556M | |
| 2013-09-09_capture-win18.passivedns | 2016-08-27 21:53 | 24K | |
| 2013-09-09_capture-win18.pcap | 2013-09-09 14:02 | 254M | |
| 2013-09-09_capture-win18.rrd | 2013-12-09 18:09 | 181K | |
| 2013-09-09_capture-win18.tcpdstat | 2017-01-15 14:30 | 1.8K | |
| 2013-09-09_capture-win18.weblogng | 2016-08-27 21:53 | 139K | |
| README.html | 2017-01-15 14:31 | 2.3K | |
| README.md | 2016-08-27 21:58 | 1.7K | |
| SOLVE+ELEC.exe.zip | 2015-12-16 10:28 | 1.2M | |
| bro/ | 2017-08-31 09:45 | - | |
| fast-flux-dga-first-analysis.txt | 2017-01-15 14:31 | 25K | |
Name of original file: SOLVE+ELEC.exe
RobotHash
- Infected hosts: Win7, IP: 10.0.2.118, Name: Win18infected vm called win8 It asked me to install some files. It opened a zip file, but i did not execute the files inside the zip. Right now, after installing the exec, it kept downloading stuff There were some http connections...
The win8 seems to be pretty idle..., and it popup a message to update foxreader. I will update it. It will download 28MB!
infected Win18 ; IP 10.0.2.118 ;
An installation, button download pressed and close when account window has appeared.