2015-02-08 - TRAFFIC ANALYSIS EXERCISE

PCAP AND MORE:

NOTE: ZIP files are password-protected with the standard password. If you don't know it, look at the "about" page of this website.


SECOND DECISION POINT - YOU GET ALL THE INFORMATION YOU CAN BEFORE FINISHING THE REPORT

Here's the Dyreza file taken from the forensic image of Mike's infected computer:


See the link above for a zip file containing the associated malware. It's a zip archive containing the zip email attachment, the extracted Upatre downloader, and the Dyreza malware found on the infected host.

You now have the Dyreza malware, and you can finish your report with the additional info.
