CODEGATE 2012 – Forensics 300

Challenge description:

IU is investigating the system which was contaminated by malicious code.
As a result of analyzing TimeLine, it seems to be contaminated after February 9th 2012.
Contaminating path would be from visiting Web page. IU analyses various user traces of Internet, however IU can’t find malicious URL.
Maybe traces would be removed, when it was contaminated. Find correct malicious URL and the time it was contaminated. (cf. Remove http(s)://)
The time is based on Korea Standard Time(UTC +09:00).

Answer: malicious_URL|YYYY-MM-DDThh:mm:ss
(‘|’ is just a character)

{Read More}