Analyzing Kelihos SPAM in CapLoader and NetworkMiner

This network forensics video tutorial covers how to analyze SPAM email traffic from the Kelihos botnet.
The analyzed PCAP file comes from the Stratosphere IPS project,
where Sebastian Garcia and his colleagues execute malware samples in sandboxes.
The particular malware sample execution we are looking at this time is from the CTU-Malware-Capture-Botnet-149-2
dataset.

Resources

IOCs
990e5daa285f5c9c6398811edc68a659
e4f7fa6a0846e4649cc41d116c40f97835d3bb7d3d0391d3540482f077aa4493
6c55 5545 0310 4840

Check out our series of network forensic video tutorials for more tips and tricks on how to analyze captured network traffic.

Facebook Share on Facebook  Twitter Tweet  Reddit Submit to reddit.com



*** This is a Security Bloggers Network syndicated blog from NETRESEC Network Security Blog authored by Erik Hjelmvik. Read the original post at: http://www.netresec.com/?page=Blog&month=2018-02&post=Analyzing-Kelihos-SPAM-in-CapLoader-and-NetworkMiner