2017-12-15 - TRAFFIC ANALYSIS EXERCISE - TWO PCAPS, TWO EMAILS, TWO MYSTERIES!

ASSOCIATED FILES:

NOTES:

 

SCENARIO

This exercise presents you with two pcaps and two emails with malicious attachments.  Your task is to determine what happened in each pcap.


Shown above:  It's a Homer Simpson situation for each pcap.

 


Shown above:  Homer, after he reads your incident report.

 

YOUR TASK

Draft an incident report for each pcap.  Use the emails to figure out the malware for each infection.  Each of your two incident reports should include:

 

ANSWERS

 
