Challenge
Category: Forensic
Points: 100

A Security Analyst observed some odd traffic to a domain that they hadn't seen before. Not knowing what's going on, the Analyst asked for further assistance. Have a look at the PCAP and determine what is going on.
Hackers are using old techniques to send information to their servers from a compromised host within the network.
The task is to determine what is being sent, and then find if any important information is being transmitted.
Download the file. Decrypt the downloaded file with the following commands:

```
openssl enc -d -aes-256-cbc -k 2wQ3hxziOt2O6SwrCSPY -in files9.enc -out files9.zip
unzip files9.zip
```

| Action | Rating | Author team |
|---|---|---|
| Read writeup | not rated | OpenToAll |
| Read writeup | 3.0 | napdragon |