Malware Traffic Analysis 6

Malware Traffic Analysis 6 is a blue team lab that falls under the Network Forensics category and will cover the following subjects: Wireshark, Brim, NetworkMiner, suricatarunner, suricata.rules, JS Obfuscator, VirusTotal, Initial Access, Execution, Defense Evasion.

Learning Objectives

Investigate email, document, and network traffic using VirusTotal, oledump, and Wireshark to identify ransomware delivery mechanisms and C2 communications.

Categories: Network Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Defense Evasion.

Tools: Brim, suricatarunner, suricata.rules, NetworkMiner, Wireshark, VirusTotal, JS Obfuscator.

Difficulty: medium.