all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing CobaltStrike from PCAP

Add to bookmarks
Aug. 2, 2022, 5:55 a.m. | /u/otherwise-well

Malware Analysis & Reports www.reddit.com

I am playing around with PCAPS on [Malware-Traffic-Analysis.net](https://Malware-Traffic-Analysis.net). I started with the first exercise 'BurninCandle'. I looked at the answers and pretty much got all the information except the part where it says IP for CobaltStrike. I marked the IP as suspicious but idk how they concluded it to be CobaltStrike. Any help is appreciated!

[\[link to exercise\]](https://www.malware-traffic-analysis.net/2022/03/21/index3.html)

cobaltstrike malware pcap

Visit resource

More from www.reddit.com / Malware Analysis & Reports

Obfuscated JavaScripts sending info in netlify.app domain 4 days, 9 hours ago | www.reddit.com
app check collect conditions +13
Malcat v0.9.6, new Kesakode malware identification feature 4 days, 9 hours ago | www.reddit.com
feature identification malware malware identification
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks 4 days, 12 hours ago | www.reddit.com
actor malware north north korean +4
Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries 1 week, 2 days ago | www.reddit.com
china chinese countries hackers +6
Integrating Wazuh and The Hive for Comprehensive Vulnerability Management and Incident Response 1 week, 3 days ago | www.reddit.com
collection comprehensive vulnerability management current cve +26
Scammers can easily phish your multi-factor authentication codes. Here's how to avoid it 1 week, 5 days ago | www.reddit.com
authentication can factor malware +4
[Video] D3f@ck loader analysis from Inno Setup to JPHP 1 week, 5 days ago | www.reddit.com
analysis loader malware setup +1
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT 2 weeks ago | www.reddit.com
china china-linked hackers deploy hackers +5
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware 2 weeks, 3 days ago | www.reddit.com
attacks engineering malware ransomware +5

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com