Index of /publicDatasets/CTU-Malware-Capture-Botnet-204-1

| Name | Last modified | Size |
|---|---|---|
| 042e307ff5cef2a37d44e3ab810cd4a5d75572e3be0a26d0552bf4855776b558.exe.zip | 2016-11-29 16:23 | 4.2M |
| 2016-11-29_win9.biargus | 2016-11-29 16:02 | 30M |
| 2016-11-29_win9.binetflow | 2016-11-29 16:02 | 20M |
| 2016-11-29_win9.capinfos | 2016-11-29 16:02 | 1.1K |
| 2016-11-29_win9.dnstop | 2016-11-29 16:00 | 17K |
| 2016-11-29_win9.html | 2016-11-29 16:28 | 73M |
| 2016-11-29_win9.json | 2016-11-29 16:28 | 157M |
| 2016-11-29_win9.mitm.weblog | 2016-12-05 21:01 | 204K |
| 2016-11-29_win9.passivedns | 2016-11-29 16:00 | 40K |
| 2016-11-29_win9.pcap | 2016-11-29 15:53 | 210M |
| 2016-11-29_win9.rrd | 2016-11-29 15:53 | 8.0M |
| 2016-11-29_win9.tcpdstat | 2016-11-29 16:02 | 1.9K |
| 2016-11-29_win9.uniargus | 2016-11-29 16:02 | 178M |
| 2016-11-29_win9.uninetflow | 2016-11-29 16:03 | 122M |
| 2016-11-29_win9.weblogng | 2016-11-29 16:02 | 113K |
| README.html | 2017-01-13 14:03 | 2.2K |
| README.md | 2016-11-29 16:21 | 1.6K |
| bro/ | 2017-08-31 09:45 | - |
| fast-flux-dga-first-analysis.txt | 2017-01-13 14:03 | 38K |
| mitm.out | 2016-11-29 15:30 | 54M |
| suricata/ | 2017-09-01 16:27 | - |

Description

Files

IP Addresses

- Infected host: 192.168.1.119
- Default GW: 192.168.1.2

Timeline

Mon Nov 7 14:11:01 CET 2016

started win9

Mon Nov 7 14:16:00 CET 2016

infected

Mon Nov 7 14:23:08 CET 2016

finish installation

Tue Nov 29 15:53:24 CET 2016

power off