Index of /publicDatasets/CTU-Malware-Capture-Botnet-188-2

Name                                      Last modified     Size  Description

Parent Directory                                            -
2016-09-22_win3.biargus                   2016-09-22 20:39  23M
2016-09-22_win3.binetflow                 2016-09-22 20:39  25M
2016-09-22_win3.capinfos                  2016-09-22 20:19  1.1K
2016-09-22_win3.dnstop                    2016-09-22 20:18  13K
2016-09-22_win3.html                      2016-09-22 20:26  1.5M
2016-09-22_win3.json                      2016-09-22 20:26  2.5M
2016-09-22_win3.passivedns                2016-09-22 20:18  33K
2016-09-22_win3.pcap                      2016-09-22 19:59  171M
2016-09-22_win3.rdd                       2016-09-22 19:59  8.0M
2016-09-22_win3.tcpdstat                  2016-09-22 20:19  2.1K
2016-09-22_win3.weblogng                  2016-09-22 20:19  13K
48616dd47e12e369feef53a57830158a.exe.zip  2016-09-22 20:21  7.5M
README.html                               2017-01-15 16:28  2.2K
README.md                                 2017-03-10 13:50  1.5K
bro/                                      2017-08-31 09:45  -
fast-flux-dga-first-analysis.txt          2017-01-15 16:19  49K

Description

Files

IP Addresses

- Infected host: 192.168.1.113
- Default GW: 192.168.1.2

Timeline

Fri Sep 9 11:30:46 CEST 2016

started win3

Fri Sep 9 11:31:28 CEST 2016

infected

This time the Flash sign is correct and giving options

Fri Sep 9 11:32:44 CEST 2016

Click on "Allow adobe to install updates"

Fri Sep 9 11:34:54 CEST 2016

Click on Finished

Thu Sep 22 19:58:45 CEST 2016

power off