Index of /publicDatasets/CTU-Malware-Capture-Botnet-208-1
Description
Files
- .capinfos
- .dnstop
- .mitm
- MITM proxy interception file of the HTTP and HTTPS traffic
- .passivedns
- .pcap
- .rrd
- .weblogng
- .exe.zip
- bro
- Folder with all the bro output files
- .biargus
- Argus binary file. Bidirectional flows, 3600s of report time.
- .binetflow
- Argus text file with bidirectional flows. Report time 3600 secs.
- .uniargus
- Argus binary file. Unidirectional flows, 5s of report time.
- .uninetflow
- Argus text file with unidirectional flows. Report time 5 secs. TAB as column separator.
- suricata
- The detections produced by running Suricata with the latest ET open rules as of 2017/06/29
IP Addresses
- Infected host: 192.168.1.128
- IPv6 local address: fd2d:ab8c:225:0:512:a519:bb75:80ea
- Default GW: 192.168.1.2
Timeline
Tue Nov 8 15:31:07 CET 2016
started win18
Tue Nov 8 15:34:17 CET 2016
infected
162.247.242.19: VT: https://www.virustotal.com/en/ip-address/162.247.242.19/information/ PS: Two domains. Not good reputation bam.nr-data.net Periodic: Long:
Mon Dec 5 09:57:30 CET 2016
power off