Fri Jan 27 08:45:54 CET 2017
Automatic Analysis of the domains in this capture. Results maybe be wrong.
Using https://github.com/staaldraad/fastfluxanalysis
FastFlux Analysis Version: 1.0 (2013)
################################
count
################################
dns.msftncsi.com
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
dns.msftncsi.com. | 12| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: dns.msftncsi.com.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
isatap
################################
ISATAP
################################
trans_id

Sun Feb 19 17:49:31 CET 2017
Automatic Analysis of the domains in this capture. Results maybe be wrong.
Using https://github.com/staaldraad/fastfluxanalysis
FastFlux Analysis Version: 1.0 (2013)
################################
-
################################
a
################################
AGENTFLY
################################
amrogtvic
################################
AMROGTVIC
################################
API15.MQL5.COM
################################
API7.MQL5.COM
################################
ATG
################################
b
################################
BART.MDP.EDU.AR
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
BART.MDP.EDU.AR. | 76778| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: BART.MDP.EDU.AR.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): Benign
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): Benign
--
################################
bmvprtzr
################################
BMVPRTZR
################################
BRKIRBYRLRYW.SU
################################
CDATA.TVNET.HU
Empty Response section
################################
count
################################
crnlegx
################################
CRNLEGX
################################
CXEWIWBOHQ.BIZ
################################
dns.msftncsi.com
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
dns.msftncsi.com. | 6| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: dns.msftncsi.com.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
DOWN.UP1.UC.CN
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
DOWN.UP1.UC.CN. | 60| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-25) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (7) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- URL Analysis ----
Domain: DOWN.UP1.UC.CN.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): DGA
Bayesian analysis (BIGRAM): Benign
--
################################
EYTDQRFTOGV.PL
################################
ff
################################
fn
################################
hp
################################
isatap
################################
ISATAP
################################
JDJEAODPU.WORK
################################
JEPNTWJOMIAQ.SU
################################
keixsnpkbrgrmf
################################
KEIXSNPKBRGRMF
################################
kvvafioscfzvwp
################################
KVVAFIOSCFZVWP
################################
l
################################
lkctangxbztthdr
################################
LKCTANGXBZTTHDR
################################
LRPHOLG.WORK
################################
MAIL.UEAB.AC.KE
Empty Response section
################################
mnoqyurknrnmdb
################################
MNOQYURKNRNMDB
################################
MUMBALI.ORG
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
MUMBALI.ORG. | 14399| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: MUMBALI.ORG.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): Benign
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): Benign
--
################################
MX1.HOTMAIL.COM
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
MX1.HOTMAIL.COM. | 3524| 19| 7| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-6) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (33) Classified (Fast-Flux)
Rule Based: Fast-Flux
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (-0.439849559749) Classified (Fast-Flux)
UTM: Score (-0.19323128331) Classified (Fast-Flux)
MGRS: Score (-0.334848492646) Classified (Fast-Flux)
Combined: Score (-0.028459675771)
---- Geary's Coefficient ----
Timezones: Score (1.48483172427) Classified (Fast-Flux)
UTM: Score (1.39516363134) Classified (Fast-Flux)
MGRS: Score (1.57793139398) Classified (Fast-Flux)
Combined: Score(3.26881619863)
---- URL Analysis ----
Domain: MX1.HOTMAIL.COM.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): DGA
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
MX2.HOTMAIL.COM
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
MX2.HOTMAIL.COM. | 584| 19| 6| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-6) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (31) Classified (Fast-Flux)
Rule Based: Fast-Flux
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (-0.58889854751) Classified (Fast-Flux)
UTM: Score (-0.552012240962) Classified (Fast-Flux)
MGRS: Score (-0.487977936297) Classified (Fast-Flux)
Combined: Score (-0.158631480521)
---- Geary's Coefficient ----
Timezones: Score (1.53003923974) Classified (Fast-Flux)
UTM: Score (1.52293666834) Classified (Fast-Flux)
MGRS: Score (1.59522329529) Classified (Fast-Flux)
Combined: Score(3.71711412734)
---- URL Analysis ----
Domain: MX2.HOTMAIL.COM.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): DGA
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
MX3.HOTMAIL.COM
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
MX3.HOTMAIL.COM. | 175| 19| 6| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-1) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (32) Classified (Fast-Flux)
Rule Based: Fast-Flux
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (-0.58889854751) Classified (Fast-Flux)
UTM: Score (-0.552012240962) Classified (Fast-Flux)
MGRS: Score (-0.487977936297) Classified (Fast-Flux)
Combined: Score (-0.158631480521)
---- Geary's Coefficient ----
Timezones: Score (1.53003923974) Classified (Fast-Flux)
UTM: Score (1.52293666834) Classified (Fast-Flux)
MGRS: Score (1.59522329529) Classified (Fast-Flux)
Combined: Score(3.71711412734)
---- URL Analysis ----
Domain: MX3.HOTMAIL.COM.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): DGA
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
MX4.HOTMAIL.COM
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
MX4.HOTMAIL.COM. | 1029| 19| 7| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-6) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (33) Classified (Fast-Flux)
Rule Based: Fast-Flux
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (-0.439849559749) Classified (Fast-Flux)
UTM: Score (-0.19323128331) Classified (Fast-Flux)
MGRS: Score (-0.334848492646) Classified (Fast-Flux)
Combined: Score (-0.028459675771)
---- Geary's Coefficient ----
Timezones: Score (1.48483172427) Classified (Fast-Flux)
UTM: Score (1.39516363134) Classified (Fast-Flux)
MGRS: Score (1.57793139398) Classified (Fast-Flux)
Combined: Score(3.26881619863)
---- URL Analysis ----
Domain: MX4.HOTMAIL.COM.
Entropy analysis (UNIGRAM): DGA
Entropy analysis (BIGRAM): DGA
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): DGA
Total Variation analysis (BIGRAM): DGA
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): DGA
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): DGA
--
################################
o4
################################
obeuwjx
################################
OBEUWJX
################################
OOWERL.COM
################################
OPEN-WORKS.NET
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
OPEN-WORKS.NET. | 14399| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: OPEN-WORKS.NET.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): Benign
Total Variation analysis (BIGRAM): Benign
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): Benign
--
################################
p
################################
PATOCARR.COM
Qname |TTL |A Records |Ranges |ASNs |Countries |Nameservers |
PATOCARR.COM. | 14399| 1| 1| 1| 1| 0|
---- Fast-Flux Scores ----
Modified Thorsten/Holz: Score (-30) Classified (Clean)
Modified Jaroslaw/Patrycja: Score (6) Classified (Clean)
Rule Based: Clean
---- Geolocation ----
---- Moran's Index ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score (0)
---- Geary's Coefficient ----
Timezones: Score (0) Classified (Clean)
UTM: Score (0) Classified (Clean)
MGRS: Score (0) Classified (Clean)
Combined: Score(0)
---- URL Analysis ----
Domain: PATOCARR.COM.
Entropy analysis (UNIGRAM): Benign
Entropy analysis (BIGRAM): Benign
Probability analysis (UNIGRAM): Benign
Probability analysis (BIGRAM): Benign
Total Variation analysis (UNIGRAM): Benign
Total Variation analysis (BIGRAM): Benign
Naive-Bayesian analysis (UNIGRAM): Benign
Naive-Bayesian analysis (BIGRAM): Benign
Bayesian analysis (UNIGRAM): Benign
Bayesian analysis (BIGRAM): Benign
--
################################
PATTY.UNOG.CH
################################
PSVYKCMK.SU
################################
ptueatuohxensj
################################
PTUEATUOHXENSJ
################################
r
################################
sebastian\xe2\x80\x99s
################################
SPCRWTB.INFO
################################
t
################################
t-
################################
TINY71
################################
trans_id
################################
u
################################
u-
################################
v
################################
v2
################################
WATGHVQHHVBR.PW
################################
WORKGROUP
################################
x
################################
\x01\x02__MSBROWSE__\x02
################################
YSWYRXQU.WORK
################################
7-