Description

• Probable Name: Necurse
• MD5: 1db5333a57f56c4b80bc213ed7675793
• SHA1: 3a41f4e108fbe1996b1ede5de72c82aa61172805
  
• SHA256: b3ca90d4b289d31bbdefbff7d9b42bfeb0f44f97e4738c7c1b88e4cad59b6e9f
• Zip password: infected

• Duration: 4.7 days

• VirusTotal
• HybridAnalysis

• RobotHash

Files

-.capinfos - Capinfos file - .dnstop - DNS top file - .mitm - Mitm proxy interception file of http and https - .passivedns - Passive DNS file - .pcap - Original pcap file - .rrd - RRD file for graphs - .weblogng - WEB log of http traffic - .exe.zip - Original malware file - bro - Folder with all the bro output files - .biargus - Argus binary file with all the flows - .binetflow - Argus text file with bidirectional flows. Report time 3600 secs.

IP Addresses

- Infected host: 10.0.2.106

Timeline

Thu Jul 7 13:58:59 CEST 2016

Started win6

Thu Jul 7 21:36:05 CEST 2016

Infected

?

Poweroff