Index of /publicDatasets/CTU-Malware-Capture-Botnet-187-1

[ICO]        Name                                       Last modified     Size  Description

[PARENTDIR]  Parent Directory                                             -
[DIR]        bro/                                       2017-08-31 09:45  -
[   ]        2016-09-19_win1.weblogng                   2016-09-19 15:53  232
[   ]        2016-09-19_win1.capinfos                   2016-09-19 15:53  1.1K
[TXT]        README.md                                  2016-09-19 16:30  1.4K
[   ]        2016-09-19_win1.tcpdstat                   2016-09-19 15:53  2.0K
[TXT]        README.html                                2017-01-13 14:10  2.0K
[   ]        2016-09-19_win1.passivedns                 2016-09-19 15:53  3.5K
[   ]        2016-09-19_win1.dnstop                     2016-09-19 15:53  6.1K
[TXT]        fast-flux-dga-first-analysis.txt           2017-01-13 14:10  10K
[   ]        2016-09-19_win1.mitm.weblog                2016-12-05 22:14  15K
[   ]        mitm.out                                   2016-09-06 18:50  673K
[   ]        daf0b1d58c8b8fd7d08bc237c5cdb31d.exe.zip   2016-09-19 15:55  760K
[   ]        2016-09-19_win1.rrd                        2016-09-19 15:38  8.0M
[   ]        2016-09-19_win1.biargus                    2016-09-19 16:18  18M
[   ]        2016-09-19_win1.binetflow                  2016-09-19 16:18  20M
[   ]        2016-09-19_win1.uninetflow                 2016-12-05 22:14  50M
[   ]        2016-09-19_win1.pcap                       2016-09-19 15:26  58M
[   ]        2016-09-19_win1.uniargus                   2016-12-05 22:14  73M

Description

Files

IP Addresses

- Infected host: 192.168.1.110
- Default GW: 192.168.1.2

Timeline

Tue Sep 6 16:59:20 CEST 2016

started win1

Check if we used IE to google

Tue Sep 6 17:19:39 CEST 2016

infected

Mon Sep 19 15:25:58 CEST 2016

power off