cfr410 Week 10
Malware Report
Austin Ticknor
University of Advancing Technology
3/26/2016
Thankfully, the host names for the computers also revealed the IP addresses
that were associated with each. The IP addresses all started with
192.168.204 and ended with either .139, .137, or .146.
I then proceeded to look under the hosts tab to find the MAC address
associated with each of the 3 IP addresses. They were MAC: 000C299DB86D
for .137, MAC: 000C2961C189 for .139, and MAC: 000C29FCBC2E for .146.
After that, I then proceeded to take the 3 IP addresses and look through the
websites they all visited. Only one had visited infected sites, 2 to be exact.
That IP address was 192.168.204.137.