Malware Traffic Analysis 5

Malware Traffic Analysis 5 is a blue team lab in the Network Forensics category. It covers the following subjects: Wireshark, Brim, NetworkMiner, suricatarunner, suricata.rules, Hybrid-analysis, JS Obfuscator, VirusTotal, Initial Access, Execution, Defense Evasion, Command and Control, Exfiltration.

Learning Objectives

Investigate network traffic using Wireshark, NetworkMiner, and Suricata to identify the specific malicious email responsible for system compromise.

Categories: Network Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Defense Evasion, Command and Control, Exfiltration.

Tools: Brim, suricatarunner, suricata.rules, NetworkMiner, Wireshark, Hybrid-analysis, VirusTotal, JS Obfuscator.

Difficulty: medium.