Getting Started with Dynamic Analysis using Wireshark

Read Lab Instruction

Scenario: You are tasked with analyzing a pcap file captured from a suspected endpoint. Extract as much data from the file as possible and look for any indicators of compromise.

Tool: Wireshark

Question 1: Are there any suspicious IP addresses or domains?

Question 2: Can you identify the destination port?

Question 3: How can you prove that the network artifacts are malicious?

Note: Use a separate, isolated machine to perform this task.
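The three questions above boil down to pulling the same raw observations out of the capture: who talked to whom, on which destination ports, and which names were looked up in DNS. Wireshark gives you this through Statistics > Conversations, Statistics > Endpoints and the `dns` display filter. The script below is an added example, not part of the lab materials: it parses a classic pcap with only the Python standard library and produces the same lists, so you can cross-check what Wireshark shows you. The capture it analyzes is constructed inline from a handful of hand-built frames; the addresses (192.168.1.10, 192.168.1.1, the documentation address 203.0.113.45), port 4444 and the name `update-checker.example` are all made-up sample values, not indicators from any real incident. The "uncommon port" filter in `candidate_indicators` is a triage heuristic assumed here, not a verdict: answering Question 3 still requires corroborating evidence such as threat-intelligence matches, the payload contents, or the process on the endpoint that generated the traffic.

```python
import struct
from collections import Counter

# ---- helpers that build a small constructed pcap (sample data, not a real capture) ----

def build_pcap(packets):
    # Classic pcap global header: magic, version 2.4, tz offset 0, sigfigs 0, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in packets:
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def ethernet(payload):
    # Constructed MAC addresses, EtherType 0x0800 (IPv4)
    return b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00" + payload

def ipv4(src, dst, proto, payload):
    # 20-byte IPv4 header; checksum left at 0 because the parser does not verify it
    total = 20 + len(payload)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0x1234, 0x4000, 64, proto, 0,
                       bytes(map(int, src.split("."))), bytes(map(int, dst.split(".")))) + payload

def udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def tcp_syn(sport, dport):
    # Minimal 20-byte TCP header with only the SYN flag set
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x02, 8192, 0, 0)

def dns_query(name):
    # Standard query: id, flags 0x0100 (recursion desired), qdcount 1, then QNAME / A / IN
    qname = b"".join(bytes([len(label)]) + label.encode() for label in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", 0xBEEF, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

# ---- the analysis part: extract endpoints, destination ports and DNS names ----

def parse_dns_qname(data, off=12):
    # Walk the length-prefixed labels of the first question; stop on the root label or a compression pointer
    labels = []
    while off < len(data):
        n = data[off]
        if n == 0 or n & 0xC0:
            break
        labels.append(data[off + 1:off + 1 + n].decode("ascii", "replace"))
        off += 1 + n
    return ".".join(labels)

def summarize_pcap(data):
    magic = struct.unpack("<I", data[:4])[0]
    if magic == 0xA1B2C3D4:
        end = "<"
    elif magic == 0xD4C3B2A1:
        end = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet link type is supported")
    flows, dns = Counter(), Counter()   # (src, dst, proto, dport) -> packets; (src, qname) -> queries
    off = 24
    while off + 16 <= len(data):
        _, _, incl, _ = struct.unpack(end + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                   # non-IPv4 frames are skipped
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        proto = ip[9]
        src = ".".join(map(str, ip[12:16]))
        dst = ".".join(map(str, ip[16:20]))
        l4 = ip[ihl:]
        if proto in (6, 17) and len(l4) >= 4:
            _, dport = struct.unpack("!HH", l4[:4])
            flows[(src, dst, "tcp" if proto == 6 else "udp", dport)] += 1
            if proto == 17 and dport == 53 and len(l4) >= 8 + 12:
                dns[(src, parse_dns_qname(l4[8:]))] += 1
    return {"flows": flows, "dns": dns}

COMMON_PORTS = {53, 80, 123, 443}   # assumed baseline for this example; tune to the environment

def candidate_indicators(summary):
    # Destinations reached on ports outside the baseline, plus every name resolved: items to check, not verdicts
    odd = [(dst, port) for (_, dst, _, port) in summary["flows"] if port not in COMMON_PORTS]
    return {
        "dst_ips": sorted({dst for dst, _ in odd}),
        "dst_ports": sorted({port for _, port in odd}),
        "dns_names": sorted({q for (_, q) in summary["dns"]}),
    }

# Constructed capture: one DNS lookup to the local resolver, then two SYNs to an external host on port 4444
SAMPLE_PCAP = build_pcap([
    (1700000000, ethernet(ipv4("192.168.1.10", "192.168.1.1", 17,
                               udp(51234, 53, dns_query("update-checker.example"))))),
    (1700000001, ethernet(ipv4("192.168.1.10", "203.0.113.45", 6, tcp_syn(51235, 4444)))),
    (1700000002, ethernet(ipv4("192.168.1.10", "203.0.113.45", 6, tcp_syn(51236, 4444)))),
])

if __name__ == "__main__":
    summary = summarize_pcap(SAMPLE_PCAP)
    for (src, dst, proto, port), count in summary["flows"].most_common():
        print(f"{src} -> {dst} {proto}/{port}  packets={count}")
    print("to check:", candidate_indicators(summary))
```

To run it against a real capture, replace `SAMPLE_PCAP` with the bytes of the file (`open(path, "rb").read()`); the parser only handles classic `.pcap`, so a `.pcapng` export from Wireshark would need to be saved as pcap first. In Wireshark the equivalent view of the SYN traffic is the display filter `tcp.flags.syn == 1 && tcp.flags.ack == 0`, and the DNS names appear under the `dns` filter.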