all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Investigating NullMixer Network Traffic: Utilizing Suricata and Evebox (Part 3)

Add to bookmarks
Feb. 4, 2023, 4 p.m. | Dr Josh Stroschein

Dr Josh Stroschein www.youtube.com

Inspecting network traffic can often give you unique insight into the malware you are investigating. in this video, we'll take a look at network traffic from our NullMixer sample and use Suricata to generate IDS alerts. We'll also take advantage of the light weight UI called Evebox, which allows us to easily navigate through Suricata's output - which includes more than just the network alerts.

Tools covered: Suricata, EveBox

Sample SHA256 (available on Triage): 7a4df2fc82c0b553d0b703f51635fd62cf02553706f942c66d752c1d8fae207b

Suri install - https://youtu.be/zK7x43Ghn4E

EveBox …

alerts called ids insight malware network network traffic suricata tools traffic video

Visit resource

More from www.youtube.com / Dr Josh Stroschein

🔴 Malware Mondays Episode 02 - Investigating Processes with Process Explorer and System Informer 11 hours ago | www.youtube.com
basics explorer focus information +9
Malware Mondays?!? Learn more 3 days, 2 hours ago | www.youtube.com
learn malware
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 2 weeks ago | www.youtube.com
artifact data goal learn +11
MM#01 - How to Capture Malicious Activity with Process Monitor! Using ProcMon with Amadey Malware 3 weeks, 4 days ago | www.youtube.com
amadey artifacts capture data +11
Malware Mondays Episode 01 - Identifying Malicious Activity in Process Monitor (ProcMon) Data 3 weeks, 4 days ago | www.youtube.com
artifact data goal learn +11
Why Do You Need to Know Assembly to Use IDAPro or Ghidra? Exploring disassembly and … 4 weeks ago | www.youtube.com
assembly disassembly effectively ghidra +9
Ease Shellcode Analysis with SCLauncher! Learn how-to wrap shellcode into a PE file 1 month ago | www.youtube.com
analysis debugging development easy +18
Customizing FakeNet-NG for Malicious Document Analysis! How to modify the web root 1 month, 1 week ago | www.youtube.com
analysis can default dive +16
Building a VM for Reverse Engineering and Malware Analysis! Installing the FLARE-VM 1 month, 3 weeks ago | www.youtube.com
analysis building docs engineering +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States
View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road
View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE
View on infosec-jobs.com
View more jobs