2016-07-07 - TRAFFIC ANALYSIS EXERCISE - EMAIL ROULETTE
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- Zip archive with a pcap of the traffic: 2016-07-07-traffic-analysis-exercise.pcap.zip 4.9 MB (4,907,069 bytes)
- Zip archive with the malspam: 2016-07-07-traffic-analysis-exercise-emails.zip 62.9 kB (62,920 bytes)
SCENARIO
It's time for another round of email roulette! It'll be just like the film The Deer Hunter, except this exercise is much less emotionally shattering than the movie.
Shown above: Christopher Walken's character in The Deer Hunter preparing to open a malicious email.
You have a pcap of infection traffic. You also have six malicious emails. Your task? Figure out which of the six emails caused the infection traffic. If you choose to document your findings, remember that a proper write-up includes the date and time of the infection, as well as IP addresses, MAC addresses, host names, user names, and associated domains/IP addresses.
Shown above: The six malicious emails.
ANSWER
- Click here for the answers.