Description

• Probable Name: Miuref
• MD5: b6a34c79f5dbbcb3fda3bb18031bcecb
  
• SHA1: cb9f2ec1c2e573dbcf85991216d0a5fdb3cdf741
  
• SHA256: 157105c6105cdad29e3dffae1199d2cc61fb77f7cdd9bed7071791bdc7426ae7
  
• Password of zip file: infected

• Duration ~ 6 days

• VirusTotal
• HybridAnalysis

• RobotHash

Files

• .capinfos
  • Capinfos file
• .dnstop
  • DNS top file
• .mitm
  • Mitm proxy interception file of http and https
• .passivedns
  • Passive DNS file
• .pcap
  • Original pcap file
• .rrd
  • RRD file for graphs
• .weblogng
  • WEB log of http traffic
• .exe.zip
  • Original malware file
• bro
  • Folder with all the bro output files
• .biargus
  • Argus binary file with all the flows
• .binetflow
  • Argus text file with bidirectional flows. Report time 3600 secs.

IP Addresses

- Infected host: 192.168.1.115
- Default GW: 192.168.1.2

Timeline

Thu Aug 4 16:58:11 CEST 2016

started win5

Thu Aug 4 17:00:55 CEST 2016

infected

Thu Aug 11 2016, 23:59:38

power off