Index of /publicDatasets/CTU-Malware-Capture-Botnet-262-1

[ICO]        Name                              Last modified     Size  Description

[PARENTDIR]  Parent Directory                                    -
[DIR]        bro/                              2017-03-29 09:20  -
[   ]        2017-05-15_win16.weblogng         2017-05-16 17:50  422
[   ]        2017-05-15_win16.capinfos         2017-05-16 17:50  1.1K
[   ]        mitm.out                          2017-03-26 19:19  1.5K
[   ]        2017-05-15_win16.tcpdstat         2017-05-16 17:50  1.6K
[   ]        2017-05-15_win16.passivedns       2017-05-16 17:50  2.2K
[TXT]        README.md                         2017-05-16 17:52  2.4K
[TXT]        fast-flux-dga-first-analysis.txt  2017-03-29 09:20  3.0K
[TXT]        README.html                       2017-05-16 17:51  3.1K
[   ]        2017-05-15_win16.dnstop           2017-05-16 17:50  10K
[   ]        db7a87bc59a5c3e532bb8930fd7c73496c0bb5a15445673f644c706784eb10bf.zip  2017-03-29 09:20  212K
[   ]        2017-05-15_win16.rrd              2017-05-16 17:38  8.0M
[   ]        2017-05-15_win16.binetflow        2017-05-16 17:51  78M
[   ]        2017-05-15_win16.biargus          2017-05-16 17:50  193M
[   ]        2017-05-15_win16.pcap             2017-05-16 17:50  261M

Description

Files

IP Addresses

- Infected host: 192.168.1.126
- Infected host local IPv6: fd2d:ab8c:225:0:4d79:3876:db6a:7d30
- Default GW: 192.168.1.2

Timeline

Sun Mar 26 19:16:26 CEST 2017

started win16

Deleted the Oracle GuestAdditions

Sun Mar 26 19:20:22 CEST 2017

infected

Tue May 16 17:18:28 CEST 2017

power off