Tuesday, August 31, 2021

Quick Malware Analysis: malware-traffic-analysis.net TA551-Shathak-Bazarloader pcap from 2021-08-30

Thanks to Brad Duncan for sharing this pcap!
https://www.malware-traffic-analysis.net/2021/08/30/index.html

We did a quick analysis of this pcap on the latest version of Security Onion via so-import-pcap:
https://docs.securityonion.net/en/2.3/so-import-pcap.html
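Before importing, it is worth confirming that the file is actually a classic libpcap capture, since a pcapng export or a truncated download produces confusing failures inside the import. The following POSIX sh helper is an added example, not code from the original post or from the Security Onion project. It assumes the import is invoked as `sudo so-import-pcap <file>` and that the tool wants classic libpcap rather than pcapng input; both are assumptions to verify against the linked so-import-pcap docs for your version. The sample capture it creates is a constructed, empty 24-byte pcap header.

```shell
#!/bin/sh
# Added example, not code from the original post or from Security Onion.
# Sanity-check a capture before handing it to so-import-pcap, then print the
# import command to run on the Security Onion node.
# Assumptions (verify against the linked so-import-pcap docs for your version):
#   - the import is invoked as:  sudo so-import-pcap <file>
#   - the tool wants classic libpcap input, so pcapng is flagged for conversion.

# pcap_kind FILE
# Prints one of: pcap-le pcap-be pcap-ns-le pcap-ns-be pcapng unknown,
# decided from the first four bytes (libpcap / pcapng magic numbers).
pcap_kind() {
    magic=$(od -An -N4 -tx1 "$1" 2>/dev/null | tr -d ' \t\n')
    case "$magic" in
        d4c3b2a1) echo pcap-le ;;      # libpcap, little-endian, microsecond timestamps
        a1b2c3d4) echo pcap-be ;;      # libpcap, big-endian, microsecond timestamps
        4d3cb2a1) echo pcap-ns-le ;;   # libpcap, little-endian, nanosecond timestamps
        a1b23c4d) echo pcap-ns-be ;;   # libpcap, big-endian, nanosecond timestamps
        0a0d0d0a) echo pcapng ;;       # pcapng Section Header Block type
        *)        echo unknown ;;
    esac
}

# import_cmd FILE
# Prints the so-import-pcap command for a classic libpcap file and returns 0.
# For pcapng it prints an editcap conversion hint to stderr and returns 1;
# for anything else it reports the problem to stderr and returns 1.
import_cmd() {
    case "$(pcap_kind "$1")" in
        pcap-le|pcap-be|pcap-ns-le|pcap-ns-be)
            printf 'sudo so-import-pcap %s\n' "$1" ;;
        pcapng)
            printf 'pcapng detected; convert first: editcap -F pcap %s %s\n' \
                "$1" "${1%.pcapng}.pcap" >&2
            return 1 ;;
        *)
            printf 'not a pcap: %s\n' "$1" >&2
            return 1 ;;
    esac
}

# Constructed sample: an empty little-endian libpcap file (24-byte global
# header, snaplen 65535, link type 1 = Ethernet, no packet records).
SAMPLE=$(mktemp)
printf '\324\303\262\241\002\000\004\000\000\000\000\000\000\000\000\000\377\377\000\000\001\000\000\000' > "$SAMPLE"
import_cmd "$SAMPLE"
```

Run it on the real download in place of the constructed sample; the printed command is what you then run on the Security Onion node, and a non-zero exit tells you to convert or re-download before importing.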

Here are some of the interesting Suricata alerts, Zeek logs, and session transcripts (shown as images in the original post; not reproduced here).