2021-01-21 - TRAFFIC ANALYSIS EXERCISE - WOKEMOUNTAIN

ASSOCIATED FILES:

  • 2021-01-21-traffic-analysis-exercise.pcap   (7,266,601 bytes)
  • 2021-01-21-traffic-analysis-exercise-alerts.jpg   (2,384,478 bytes)
  • 2021-01-21-traffic-analysis-exercise-alerts.txt   (6,080 bytes)

NOTES:

 

 

SCENARIO

LAN segment data:

 

TASK

  • Executive Summary: State in simple, direct terms what happened (when, who, what).
  • Details: Details of the victim (hostname, IP address, MAC address, Windows user account name).
  • Indicators of Compromise (IOCs): IP addresses, domains and URLs associated with the infection. SHA256 hashes if any malware binaries can be extracted from the pcap.

 

ANSWERS

 
