2015-08-31 - TRAFFIC ANALYSIS EXERCISE - WHAT'S THE EK? - WHAT'S THE PAYLOAD?

TRAFFIC:

NOTE: All ZIP archives on this site are password-protected with the standard password.  If you don't know it, look at the "about" page of this website.

SCENARIO

Examine the pcap to determine the exploit kit (EK), the payload, and the compromised website that kicked off this infection chain.

QUESTIONS

For a full incident report, you'll want to include the following:

ANSWERS