Open recvfrom opened 3 years ago
Overview: Write Snort rules for the command and control (C2) traffic used by Predator the Thief (commodity infostealer malware).
Proposal: Write Snort rules (likely two) for Predator the Thief C2 traffic. For more info, see:
Expected Difficulty: Beginner/Easy - The C2 protocol is very basic; write-ups exist that detail the purpose of the protocol data, etc.
Technical Info:
predator-4c18b806dd10733f6e4d1376e769d94b.pcap.zip (password: infected)