Analyze network traffic using Wireshark to identify DanaBot initial access, deobfuscate malicious JavaScript, and extract IOCs like IPs, file hashes, and execution processes. Scenario The SOC team has detected suspicious activity in the network traffic, reveal…

Analyze network traffic to identify malware delivery, deobfuscate scripts, and map attacker techniques using MITRE ATT&CK, focusing on stealthy execution and reflective code loading. Scenario A compromised machine has been flagged due to suspicious network…

Scenario Reconstruct a multi-stage intrusion by analyzing network traffic, memory, and malware artifacts using Wireshark, Volatility, and VirusTotal, mapping findings to MITRE ATT&CK. PCAP Analysis Q1.After flooding the IIS host with rapid-fire probes, the…