Malware Traffic Analysis 1

Malware Traffic Analysis 1 is a blue-team lab in the Network Forensics category. It covers the following subjects: Wireshark, Brim, NetworkMiner, suricatarunner, suricata.rules, Initial Access, Execution, Command and Control.

Learning Objectives

Analyze network traffic using Wireshark to identify an infected host, trace an exploit kit infection chain, and extract malicious URLs and file hashes.

Categories: Network Forensics.

MITRE ATT&CK Tactics: Initial Access, Execution, Command and Control.

Tools: Brim, suricatarunner, suricata.rules, NetworkMiner, Wireshark.

Difficulty: medium.