

Qakbot is an information stealer also known as Qbot. This family of malware has been active for years, and Qakbot generates distinct traffic patterns. This Wireshark tutorial reviews a recent packet capture (pcap) from a Qakbot infection. Understanding these traffic patterns can be critical for security professionals when detecting and investigating Qakbot infections.

Note: This tutorial assumes you have a basic knowledge of network traffic and Wireshark. We use a customized column display shown in this tutorial. You should also have experience with Wireshark display filters as described in this additional tutorial.

Please also note that the pcap used for this tutorial contains malware. You should review this pcap in a non-Windows environment.
