Thursday, August 26, 2021

Quick Malware Analysis: malware-traffic-analysis.net ICEDID/BOKBOT pcap from 2021-04-23

Thanks to Brad Duncan for sharing this pcap!
https://www.malware-traffic-analysis.net/2021/04/23/index.html

We did a quick analysis of this pcap on the latest version of Security Onion via so-import-pcap:
https://docs.securityonion.net/en/2.3/so-import-pcap.html

Some of the interesting Suricata alerts, Zeek logs, and session transcripts can be seen below. Want to follow along? All you need is a minimal virtual machine with 4GB RAM and you can follow the screenshots here:
https://docs.securityonion.net/en/2.3/first-time-users.html










No comments:

Search This Blog

Featured Post

Security Onion 2.4.111 now available!

In October, we released version 2.4.110: https://blog.securityonion.net/2024/10/security-onion-24110-hurricane-helene.html Last week, Surica...

Popular Posts

Blog Archive