Index of /publicDatasets/CTU-Malware-Capture-Botnet-233-1

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory  -  
[DIR]bro/2017-03-15 19:00 -  
[   ]capture_win1.mitm.weblog2017-03-15 19:00 683  
[   ]capture_win1.weblogng2017-03-15 19:00 792  
[   ]capture_win1.capinfos2017-03-15 19:00 1.1K 
[   ]capture_win1.tcpdstat2017-03-15 19:00 1.4K 
[   ]capture_win1.passivedns2017-03-15 19:00 1.7K 
[TXT]README.md2017-03-15 19:14 2.5K 
[TXT]README.html2017-03-15 19:15 3.1K 
[   ]mitm.out2017-03-15 15:33 3.5K 
[   ]capture_win1.dnstop2017-03-15 19:00 3.9K 
[   ]capture_win1.json2017-03-25 20:32 8.5K 
[TXT]fast-flux-dga-first-analysis.txt2017-03-15 19:00 14K 
[   ]capture_win1.pcap2017-03-15 18:59 14K 
[   ]capture_win1.binetflow2017-03-15 19:00 60K 
[   ]capture_win1.biargus2017-03-15 19:00 112K 
[   ]d4505a395c8f97ea07e512ac7344206cc264176c60b7f774c6469a5f06416796.zip2017-03-15 18:54 135K 
[TXT]capture_win1.html2017-03-25 20:32 363K 
[   ]Win1-test.rrd2017-03-15 19:08 8.0M 

Description

Files

IP Addresses

- Infected host: 192.168.1.110
- Default GW: 192.168.1.2

Timeline

Ports redirected to the mitmproxy: - 443 - 53443 - 3443 - 8343 - 40443 - 4431 - 1443 - 44443 - 41443 - 11443

Wed Mar 15 15:29:04 CET 2017

started win1

Wed Mar 15 15:33:47 CET 2017

infected

Wed Mar 15 18:57:31 CET 2017

power off