Index of /publicDatasets/CTU-Malware-Capture-Botnet-195-1

| Name | Last modified | Size |
|---|---|---|
| bro/ | 2017-08-31 09:45 | - |
| mitm.out | 2016-10-17 19:21 | 0 |
| 2016-11-1_win20.weblogng | 2016-11-01 19:28 | 232 |
| 2016-11-1_win20.mitm.weblog | 2016-12-05 21:39 | 287 |
| 2016-11-1_win20.capinfos | 2016-11-01 19:28 | 1.1K |
| 2016-11-1_win20.tcpdstat | 2016-11-01 19:28 | 1.9K |
| README.md | 2017-05-26 17:30 | 1.9K |
| 2016-11-1_win20.passivedns | 2016-11-01 19:28 | 2.6K |
| README.html | 2017-05-26 17:30 | 2.9K |
| 2016-11-1_win20.dnstop | 2016-11-01 19:28 | 3.7K |
| fast-flux-dga-first-analysis.txt | 2017-01-13 14:08 | 7.2K |
| 2016-11-1_win20.binetflow | 2016-11-01 19:28 | 5.5M |
| 2016-11-1_win20.rrd | 2016-11-01 19:16 | 8.0M |
| f6b24a4bf25e9393b6030a0c694be62eefdda6b37ea0b9249f53aeba4891e784.exe.zip | 2016-11-01 19:35 | 8.6M |
| 2016-11-1_win20.biargus | 2016-11-01 19:28 | 8.7M |
| 2016-11-1_win20.pcap | 2016-11-01 19:09 | 92M |

Description

Files

IP Addresses

- Infected host: 192.168.1.113
- Default GW: 192.168.1.2

Mon Oct 17 19:15:30 CEST 2016

started

Mon Oct 17 19:23:18 CEST 2016

infected

Mon Oct 17 19:25:53 CEST 2016

Try tutorial -> yes

Mon Oct 17 19:25:53 CEST 2016

Clicked hit

Mon Oct 17 19:28:34 CEST 2016

Clicked process list

Thu Oct 20 20:25:14 CEST 2016

Clicked "open Tutorial"

Tue Nov 1 19:05:40 CET 2016

Clicked "First Scan" -- Error - "filled something in"

Tue Nov 1 19:07:04 CET 2016

Clicked "Memory view"

Tue Nov 1 19:08:15 CET 2016

"move byte" ok

Tue Nov 1 19:09:47 CET 2016

power off