FAQ: Dynamic Malware Analysis Example #2

This FAQ, collaboratively created by the community, addresses the content of the lesson titled “Dynamic Malware Analysis Example #2”.

You can locate this exercise within the LetsDefend content:

Dynamic Malware Analysis
SOC Analyst Learning Path

If there are any specific questions regarding the lesson or exercise, please don’t hesitate to ask them here.

Hi, in example #2 when I open Packet Tracer I cannot see any SMTP logs. Please guide.


@ogunal Hi, I am facing a similar issue; I don’t see any SMTP logs while running a packet capture in Wireshark.

Also noticed that Fiddler shows a 503 error when regsvc tries to connect to checkip[.]dyndns[.]org; in the example walkthrough it shows a 200 code, which means it successfully connected.

Have you tried checking the simulation mode in Packet Tracer? Sometimes the logs might not show up in real time. Make sure you’re running the simulation properly and that the email is actually being sent. If that doesn’t help, maybe try restarting Packet Tracer or double-checking your configurations.

Hello,

I have also encountered the same problem @ogunal. Fiddler shows that the DNS request to checkip.dyndns.org returned a 502 code. Since the malware could not resolve the C2’s IP address, further communications seem not to happen.

Could someone look into this though? I kind of want to practice

Thank you.

Why is there no answer here? Everyone is facing the same issues, and I don’t see any way to solve this.