all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing CobaltStrike from PCAP

Add to bookmarks
Aug. 2, 2022, 5:55 a.m. | /u/otherwise-well

Malware Analysis & Reports www.reddit.com

I am playing around with PCAPS on [Malware-Traffic-Analysis.net](https://Malware-Traffic-Analysis.net). I started with the first exercise 'BurninCandle'. I looked at the answers and pretty much got all the information except the part where it says IP for CobaltStrike. I marked the IP as suspicious but idk how they concluded it to be CobaltStrike. Any help is appreciated!

[\[link to exercise\]](https://www.malware-traffic-analysis.net/2022/03/21/index3.html)

cobaltstrike malware pcap

Visit resource

More from www.reddit.com / Malware Analysis & Reports

Phising opensea 1 day ago | www.reddit.com
mail malware opensea phishing +1
Understanding How CVEProject/cvelistV5 Works 3 days, 7 hours ago | www.reddit.com
api cve cves etc +18
[Video] Triaging Files on VirusTotal 1 week, 1 day ago | www.reddit.com
files malware video virustotal
Need recommendations for Premium Tools 1 week, 1 day ago | www.reddit.com
analysis atm budget can +12
Are hidden incoming SMS common for C&C? 1 week, 3 days ago | www.reddit.com
account android android malware carrier +12
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 week, 3 days ago | www.reddit.com
attackers clusters critical exploiting +5
A Powerful tracing engine based on Qemu 2 weeks ago | www.reddit.com
binary called can case +20
[Fixed] Coding The Rat King: A Multi-Family Malware Configuration Parser 2 weeks, 2 days ago | www.reddit.com
code coding configuration family +5
Dynamic Malware Analysis of Konni RAT Malware APT37 With Any.Run 3 weeks ago | www.reddit.com
advanced amp analysis any.run +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs