badfile.exe – Part 1 – Suspicious Activity

We begin with a packet capture of an administrator’s device. Odd, unsuccessful connection attempts were made to a particular website. These attempts were not initiated by the user. The PCAP in question can be downloaded here. See if you can find the following: What’s the IP address of the system that captured the […]