| Name | Last modified | Size | Description |
|---|---|---|---|
| Parent Directory | | - | |
| 2016-09-19_win2.biargus | 2016-09-19 18:08 | 401M | |
| 2016-09-19_win2.binetflow | 2016-09-19 18:08 | 387M | |
| 2016-09-19_win2.capinfos | 2016-09-19 17:53 | 1.1K | |
| 2016-09-19_win2.dnstop | 2016-09-19 17:51 | 10K | |
| 2016-09-19_win2.html | 2016-09-19 18:06 | 1.1M | |
| 2016-09-19_win2.json | 2016-09-19 18:06 | 1.4M | |
| 2016-09-19_win2.mitm.weblog | 2016-12-05 22:14 | 49K | |
| 2016-09-19_win2.netflow5 | 2016-11-07 20:01 | 93M | |
| 2016-09-19_win2.passivedns | 2016-09-19 17:51 | 20K | |
| 2016-09-19_win2.pcap | 2016-09-19 17:35 | 687M | |
| 2016-09-19_win2.rrd | 2016-09-19 17:36 | 8.0M | |
| 2016-09-19_win2.tcpdstat | 2016-09-19 17:54 | 2.1K | |
| 2016-09-19_win2.weblogng | 2016-09-19 17:54 | 53M | |
| 48616dd47e12e369feef53a57830158a.exe.zip | 2016-09-19 18:01 | 7.5M | |
| README.html | 2017-01-13 14:10 | 2.1K | |
| README.md | 2016-09-19 18:00 | 1.5K | |
| bro/ | 2017-10-29 19:34 | - | |
| fast-flux-dga-first-analysis.txt | 2017-01-13 14:10 | 17K | |
| mitm.out | 2016-09-10 18:09 | 2.3M | |
| mitm.out.bak | 2017-10-29 19:34 | 2.3M | |
| wget-log | 2017-10-29 20:28 | 3.8K | |

Capture generated with a transparent mitmproxy
RobotHash
- Infected host: 192.168.1.112
- Default GW: 192.168.1.2
started win2
infected
click on the button Finished. I think it had some issues with the mitmproxy; maybe some of the connections were not SSL?
power off