Wednesday, August 18, 2021

Quick Malware Analysis: pcap from 2021-05-18 Qakbot

Thanks to Brad Duncan for sharing this pcap!

We did a quick analysis of this pcap on the latest version of Security Onion via so-import-pcap:

If you'd like to follow along, you can create a minimal VM with 4GB RAM and install the latest version of Security Onion in Import mode following the screenshots in the Screenshot Tour here:

Here are some of the interesting Suricata alerts, Zeek logs, and session transcripts:

No comments:

Search This Blog

Featured Post

Sneak Peek: New Detections Feature coming in Security Onion 2.4.70!

Our latest video is a sneak peek at a NEW feature coming to our FREE and OPEN Security Onion platform in the upcoming 2.4.70 release! This n...

Popular Posts

Blog Archive