CapTipper

Analysis Info

| PCAP File | Analysis Time | CapTipper Version | Traffic Time |
|---|---|---|---|
| /opt/Malware-Project/BigDataset/Scenarios/CTU-Malware-Capture-Botnet-190-1//2016-09-28_capture_win17.pcap | 06/29/17 21:34:20 | 0.2 b10 | 12/03/72 07:50:54 |

Flow View


Client Details

IP: 192.168.1.127
MAC: 08:00:27:b4:73:3e
USER-AGENT: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)

Conversations

rl.ammyy.com    (176.56.184.37:80)
| ID | URI | RESPONSE TYPE | FILENAME | RESPONSE CODE | MAGIC | SIZE | TIME |
|---|---|---|---|---|---|---|---|
| 0 | / | text/html | 0.html | 200 OK | TEXT | 162.0 B | 12/03/72 07:50:54 |

wjtqjleommc4z46i.7j6htz.bid    (45.59.114.125:80)
| ID | URI | RESPONSE TYPE | FILENAME | RESPONSE CODE | MAGIC | SIZE | TIME |
|---|---|---|---|---|---|---|---|
| 1 | /4F5A-5E08-232D-0082-1FF1?auto | text/html | 4F5A-5E08-232D-0082-1FF1 | 302 Found | GZ | 20.0 B | 08/07/30 17:54:57 |
| 2 | /4F5A-5E08-232D-0082-1FF1/intro?nst | text/html | intro | 200 OK | HTML | 638.0 B | 08/19/30 07:44:59 |
| 3 | /4F5A-5E08-232D-0082-1FF1/language?t=101682976 | text/html | language | 200 OK | HTML | 1.5 KB | 10/11/30 03:57:55 |
| 4 | /media/style.css | text/css | style.css | 200 OK | TEXT | 1.2 KB | 10/28/30 08:53:32 |
| 5 | /media/bs3/css/bootstrap.min.css | text/css | bootstrap.min.css | 200 OK | TEXT | 118.4 KB | 10/26/30 07:26:53 |
| 6 | /media/respond.min.js | text/html | respond.min.js | 502 Bad Gateway | HTML | 568.0 B | 11/22/30 23:56:04 |
| 7 | /media/html5shiv.min.js | application/javascript | html5shiv.min.js | 200 OK | TEXT | 1.3 KB | 11/21/30 11:42:49 |
| 8 | /media/moment.min.js | application/javascript | moment.min.js | 200 OK | TEXT | 34.6 KB | 11/23/30 00:04:56 |
| 9 | /media/bs3/fonts/glyphicons-halflings-regular.eot? | application/vnd.ms-fontobject | glyphicons-halflings-regular.eot | 200 OK | BINARY | 19.7 KB | 11/18/30 08:25:19 |
| 10 | /media/jquery.min.js | application/javascript | jquery.min.js | 200 OK | TEXT | 82.4 KB | 11/22/30 23:59:56 |
| 11 | /media/images/bg.jpg | image/jpeg | bg.jpg | 200 OK | JPG | 9.4 KB | 12/15/30 08:35:00 |
| 12 | /favicon.ico | image/x-icon | favicon.ico | 200 OK | GZ | 20.0 B | 01/02/31 17:14:45 |
| 13 | /media/flags.gif | image/gif | flags.gif | 200 OK | GIF | 6.3 KB | 12/15/30 18:04:59 |
| 14 | /media/images/logo.png | image/png | logo.png | 200 OK | PNG | 12.4 KB | 12/15/30 08:31:22 |