Duration: 45 days
RobotHash
started win13, already infected with 89828eec51d6fe22768c9364dcbb49b9
P2P botnet
Urlquery said that: http://urlquery.net/report.php?id=9404817
The url http://www.greenbeach.de/logo.gif?24636=447138 found in this capture was from ET TROJAN W32/Sality Executable Pack Digital Signature ASCII Marker
Huge powerdown on Sun 06, at 10am... powering up now.
It was cracking Cisco routers web pages!
Sality Botnet, as detected by https://www.virustotal.com/en/file/6fb2f335669405e9c3b7582b524dac22ebff7e5fe1258f25914d7e0e750ca62e/analysis/1400250260/
It uses P2P and "super peers"