Security Onion Blog

Tuesday, July 27, 2021

Quick Malware Analysis: malware-traffic-analysis.net pcap from 2021-06-17

Thanks to Brad Duncan for sharing this pcap!
https://www.malware-traffic-analysis.net/2021/06/17/index.html

We did a quick analysis of the pcap on the latest version of Security Onion via so-import-pcap:
https://docs.securityonion.net/en/2.3/so-import-pcap.html

Here are some of the interesting Suricata alerts, Zeek logs, and HTTP transcripts:










at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Upcoming Change to Elasticsearch Index Management for Multi-Node Deployments

Elasticsearch indices are managed by both the so-elasticsearch-indices-delete utility and Index Lifecycle Management (ILM). so-elasticsearch...

Popular Posts

Blog Archive