CapTipper Report

PCAP File	Analysis Time	CapTipper Version	Traffic Time
/opt/Malware-Project/BigDataset/Scenarios/CTU-Malware-Capture-Botnet-172-1//2016-01-06_capture-win8.pcap	08/05/16 13:25:13	0.2 b10	08/13/75 13:21:22

www.wuzjilrag.com (50.19.102.217:80)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

/pts_prksh.php

text/html

pts_prksh.php

200 OK

TEXT

487.0 B

08/13/75 13:21:22

Download
SHA256	14c70c7b919c5636b13165b1107abe46179b594b4cbfead645b5d96a1ab79d83
Referer
Magic	Inconclusive. Probably text (TEXT)
Request	POST /pts_prksh.php HTTP/1.1 Content-Type: application/x-www-form-urlencoded User-Agent: NSIS_Inetc (Mozilla) Host: www.wuzjilrag.com Content-Length: 105 Connection: Keep-Alive Cache-Control: no-cache
Response Header	HTTP/1.1 200 OK Date: Wed, 01 Jun 2016 12:33:38 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.14 Content-Length: 487 Connection: close Content-Type: text/html; charset=UTF-8
Response Peek (128 B)	http://www.stsunsetwest.com/DSS_Unq_IMapplication_mon_remote_dcmd.php http://www.stsunsetwest.com/DS_Unq_trackstats_mon.php CZ...

www.stsunsetwest.com (50.19.102.217:80)

URI

RESPONSE TYPE

FILENAME

RESPONSE CODE

MAGIC

SIZE

TIME

/DSS_Unq_IMapplication_mon_remote_dcmd.php

text/html

DSS_Unq_IMapplication_mon_remote_dcmd.php

200 OK

0.0 B

09/22/75 20:50:55

/DS_Unq_trackstats_mon.php

text/html

DS_Unq_trackstats_mon.php

200 OK

0.0 B

03/07/76 06:31:42