Index of /publicDatasets/CTU-Malware-Capture-Botnet-249-1

[ICO]  Name  Last modified  Size  Description

[PARENTDIR]  Parent Directory  -
[   ]  26ee722cbf3923ab017bd540d299eba715169b94fc4920888d1822be7a065168.zip  2017-03-29 10:13  108K
[   ]  2017-04-18_win20.biargus  2017-04-18 17:38  14M
[   ]  2017-04-18_win20.binetflow  2017-04-18 17:38  1.5M
[   ]  2017-04-18_win20.capinfos  2017-04-18 17:38  1.1K
[   ]  2017-04-18_win20.dnstop  2017-04-18 17:36  4.5K
[TXT]  2017-04-18_win20.html  2017-04-18 17:41  422K
[   ]  2017-04-18_win20.json  2017-04-18 17:41  152K
[   ]  2017-04-18_win20.passivedns  2017-04-18 17:36  9.1K
[   ]  2017-04-18_win20.pcap  2017-04-18 17:36  47M
[   ]  2017-04-18_win20.rrd  2017-04-18 17:21  8.0M
[   ]  2017-04-18_win20.tcpdstat  2017-04-18 17:38  1.7K
[   ]  2017-04-18_win20.uniargus  2017-04-18 17:38  30M
[   ]  2017-04-18_win20.uninetflow  2017-04-18 17:38  11M
[   ]  2017-04-18_win20.weblogng  2017-04-18 17:38  1.3K
[TXT]  README.html  2017-04-18 17:40  3.1K
[TXT]  README.md  2017-04-18 17:39  2.4K
[DIR]  bro/  2017-04-18 17:38  -
[TXT]  fast-flux-dga-first-analysis.txt  2017-04-18 17:38  4.8K
[   ]  mitm.out  2017-04-18 17:09  11M

Description

Files

IP Addresses

- Infected host: 192.168.1.130
- Infected host local IPv6: fd2d:ab8c:225:0:1d3:35e9:7d97:2325
- Default GW: 192.168.1.2

Timeline

Sun Mar 26 20:58:11 CEST 2017

started win20

Sun Mar 26 21:02:01 CEST 2017

infected

(date here)

Tue Apr 18 17:19:17 CEST 2017

power off