From isc.sans.edu
I wanted to leave you all with one final traffic analysis quiz for Windows-based malware infection traffic. You can find the pcaps here. Today’s exercise has 6 pcaps of different Windows-based malware infections. Your task for this quiz? Determine what type of malware caused the infection for each pcap. I didn’t provide any alerts like I’ve done for previous quizes. Today’s quiz is just a casserole of pcap files, cooked up, and served piping hot!