2022-01-07 - TRAFFIC ANALYSIS EXERCISE - SPOONWATCH

ASSOCIATED FILES:

NOTES:

 

 

SCENARIO

LAN segment data:

 

TASK

  • Executive Summary: State in simple, direct terms what happened (when, who, what).
  • Details: Details of the victim (hostname, IP address, MAC address, Windows user account name).
  • Indicators of Compromise (IOCs): IP addresses, domains and URLs associated with the infection.  SHA256 hashes if any malware binaries can be extracted from the pcap.

 

ANSWERS

 

Click here to return to the main page.