2015-02-08 - TRAFFIC ANALYSIS EXERCISE
PCAP AND MORE:
- ZIP of a PCAP for the traffic: 2015-02-08-traffic-analysis-exercise.pcap.zip
- ZIP of additional info (email): 2015-02-08-traffic-analysis-exercise-additional-info.zip
- ZIP of associated malware: 2015-02-08-traffic-analysis-exercise-all-the-malware.zip
NOTE: ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.
SECOND DECISION POINT - YOU GET ALL THE INFORMATION YOU CAN BEFORE FINISHING THE REPORT
Here's the Dyreza file taken from the forensic image of Mike's infected computer:
See the link above for a ZIP archive of the associated malware. It contains the ZIP attachment from the email, the extracted Upatre downloader, and the Dyreza malware found on the infected host.
You now have the Dyreza malware, and you can finish your report with the additional info.
- Click here to check the accuracy of your finished report.