Name | Last modified | Size | Description | |
---|---|---|---|---|
Parent Directory | - | |||
192.168.3.104-unvirus.pcap | 2009-09-08 14:42 | 13M | ||
192.168.3.104-unvirus.biargus | 2016-01-27 14:33 | 5.5M | ||
192.168.3.104-unvirus.binetflow | 2016-01-27 14:33 | 2.0M | ||
192.168.3.104-unvirus.html | 2016-01-27 14:43 | 365K | ||
192.168.3.104-unvirus.report.pdf | 2014-04-09 17:39 | 21K | ||
192.168.3.104-unvirus.json | 2016-01-27 14:43 | 20K | ||
README.html | 2017-01-16 09:33 | 3.5K | ||
README.md | 2016-01-27 14:47 | 3.0K | ||
192.168.3.104-unvirus.tcpdstat | 2017-01-16 09:33 | 2.7K | ||
fast-flux-dga-first-analysis.txt | 2017-01-16 09:33 | 2.3K | ||
192.168.3.104-unvirus.dnstop | 2016-01-27 14:42 | 2.3K | ||
192.168.3.104-unvirus.passivedns | 2016-01-27 14:42 | 1.7K | ||
192.weblogng | 2017-01-16 09:33 | 961 | ||
192.168.3.104-unvirus.pcap.capinfos | 2012-05-29 01:08 | 769 | ||
192.168.3.104-unvirus.capinfos | 2016-01-27 14:42 | 720 | ||
bro/ | 2017-08-31 09:45 | - | ||
SHA256: 9be0ca5c97f46b42e52e23a47a9a3d0bf6e12c697ad2f1947b0810566ae5e7bc
RobotHash
This capture was used as 'botnet1' for the IGI book chapter research.
http://www.threatexpert.com/report.aspx?md5=d60e538e721c30a0ea946404330f324a
Description: Infected the vm. Pcap file: 192.168.3.104-unvirus.pcap tcpdump: tcpdump -n -s0 -i wlan0 -w 192.168.3.104-unvirus.pcap host 192.168.3.104 -v Started: Mon Sep 7 22:29:48 2009
Finished: Tue Sep 8 09:42:17 2009
Results: It was successfully infected. It started to scan for other hosts in the LAN. Usually the CC was down, but for some reason this time the CC answered.