Index of /publicDatasets/CTU-Malware-Capture-Botnet-193-1

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[   ]2016-10-12_capture_win20.biargus2017-02-24 15:52 38M 
[   ]2016-10-12_capture_win20.binetflow2017-02-24 15:52 23M 
[   ]2016-10-12_capture_win20.capinfos2017-02-24 15:52 1.1K 
[   ]2016-10-12_capture_win20.dnstop2017-02-24 15:49 14K 
[TXT]2016-10-12_capture_win20.html2016-10-14 11:24 66M 
[   ]2016-10-12_capture_win20.json2016-10-14 11:24 141M 
[   ]2016-10-12_capture_win20.mitm.weblog2017-02-24 15:53 102K 
[   ]2016-10-12_capture_win20.passivedns2017-02-24 15:49 71K 
[   ]2016-10-12_capture_win20.pcap2016-10-12 23:20 260M 
[   ]2016-10-12_capture_win20.tcpdstat2017-02-24 15:52 2.1K 
[   ]2016-10-12_capture_win20.uniargus2017-02-24 15:52 500M 
[   ]2016-10-12_capture_win20.uninetflow2017-02-24 15:53 317M 
[   ]2016-10-12_capture_win20.weblogng2017-02-24 15:52 33K 
[   ]2016-10-12_win20.rrd2016-10-12 23:21 8.0M 
[TXT]README.html2017-02-24 15:53 2.0K 
[TXT]README.md2016-10-17 15:36 1.4K 
[DIR]bro/2017-08-31 09:45 -  
[   ]db9530dff0a71d48e4877d47990af006.exe.zip2016-12-05 21:24 7.8M 
[TXT]fast-flux-dga-first-analysis.txt2017-02-24 15:53 91K 
[   ]mitm.out2016-10-12 22:37 52M 

Description

Files

IP Addresses

- Infected host: 192.168.1.130
- Default GW: 192.168.1.2

Timeline

Thu Sep 15 16:10:53 CEST 2016

started win20

Thu Sep 15 16:21:34 CEST 2016

infected

Thu Sep 22 16:24:53 CEST 2016 clicked "Run CCleaner"

Wed Oct 12 23:20:39 CEST 2016

power off