BotHunter Daily Analysis Index

BotHunter ®
Cyber-TA Internet Release
Computer Science Laboratory
SRI International

SAMPLE NAME: Agobot2_botHunter.txt
Last Updated: Tue Dec 29 11:44:43 2009

www.BOTHUNTER.net

Victim IP	Max Score	Profiles	CCs	Events
192.168.71.193	1.8	VIEW 1	192.168.191.145 Country: (Private Address) City: (Private Address). 192.168.228.144 Country: (Private Address) City: (Private Address). 192.168.87.218 Country: (Private Address) City: (Private Address). 192.168.252.129 Country: (Private Address) City: (Private Address). 192.168.71.2 Country: (Private Address) City: (Private Address).	1:2001581 {tcp} C&C Communication: ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection; 3498->135 1:2001581 {tcp} C&C Communication: ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection; 3348->135 1:2001581 {tcp} C&C Communication: ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection; 3027->135 1:2001581 {tcp} C&C Communication: ET SCAN Behavioral Unusual Port 135 traffic, Potential Scan or Infection; 3189->135 1:2001569 {tcp} Outbound Attack: ET SCAN Behavioral Unusual Port 445 traffic, Potential Scan or Infection; 3389->445 1:2001569 {tcp} Outbound Attack: ET SCAN Behavioral Unusual Port 445 traffic, Potential Scan or Infection; 3068->445