Index of /publicDatasets/CTU-Malware-Capture-Botnet-25-1

Name                                              Last modified     Size

Parent Directory                                                    -
2013-11-06_capture-win6.3model                    2014-11-04 16:51  1.4M
2013-11-06_capture-win6.biargus                   2015-09-25 15:27  154M
2013-11-06_capture-win6.biargus.labeled           2014-11-04 13:04  138M
2013-11-06_capture-win6.binetflow                 2015-09-25 15:27  158M
2013-11-06_capture-win6.binetflow.labeled         2015-01-30 19:55  36M
2013-11-06_capture-win6.binetflow.labeled.sorted  2015-01-30 19:55  36M
2013-11-06_capture-win6.capinfos                  2015-08-29 20:57  767
2013-11-06_capture-win6.clf                       2013-11-06 15:44  15M
2013-11-06_capture-win6.dnstop                    2014-09-18 15:27  18K
2013-11-06_capture-win6.exes-downloaded.zip       2015-12-16 10:26  1.1K
2013-11-06_capture-win6.html                      2015-06-01 15:32  76M
2013-11-06_capture-win6.json                      2015-06-01 15:32  94M
2013-11-06_capture-win6.passivedns                2014-09-18 15:21  246K
2013-11-06_capture-win6.pcap                      2013-11-06 15:24  884M
2013-11-06_capture-win6.rrd                       2013-12-10 13:52  8.0M
2013-11-06_capture-win6.tcpdstat                  2017-01-15 14:14  2.3K
2013-11-06_capture-win6.top5dns                   2014-09-18 15:23  590
2013-11-06_capture-win6.uniargus                  2017-01-15 14:14  113M
2013-11-06_capture-win6.uninetflow                2017-01-15 14:14  57M
2013-11-06_capture-win6.weblog                    2013-11-06 15:44  17M
2013-11-06_capture-win6.weblogng                  2016-06-15 18:04  22M
2013-11-06_capture-win6.weblogng.labeled          2013-12-10 14:28  21M
README.html                                       2017-01-15 14:15  1.5K
README.md                                         2016-03-16 14:52  1.1K
argus_bi.conf                                     2013-11-06 15:43  20K
bro/                                              2017-08-31 09:45  -
e1090d7126dd88d0d1d39b68ea3aae11.exe.zip          2015-12-16 10:26  273K
fast-flux-dga-first-analysis.txt                  2017-01-15 14:15  190K
histogram-of-web-domains-accessed.txt             2014-01-08 16:35  559
ra.conf.analysis                                  2013-11-06 15:44  2.0K
ra.conf.publish                                   2013-11-06 15:43  2.0K
ralabel-flowfilter.conf                           2014-04-15 17:46  51K
ralabel.conf                                      2013-11-06 15:43  6.0K
tcpflow.report.pdf                                2014-04-25 13:44  16K
weblogs.filter                                    2013-12-09 12:06  1.9K

Description

Analysis of DNS tuples

Timeline

Mon Sep 9 17:15:36 CEST 2013

Win6 infected

Malware has deleted itself and a lot of encrypted communication has started. Keep experiment running.

Wed Nov 6 15:29:06 CET 2013

Stopped win6