Phishcap - part 6

You received a call from a customer (ACME) saying that there has been an accident at their factory and they want you to rule out any foul play. They have provided a packet capture for you and said that there have been many spear phishing attempts as of late targeting their company.

This is part 6 of 6 in a packet capture analysis challenge. The pcap file can be found from the first part.

Hint: "The key that unlocks me can be obtained in two ways. What can you do now that you have the key and what is the key for anyways?"

Note: In case you are using the packet capture challenge as part of your application please report it as you would to a customer, meaning that the whole target audience is able to understand the contents of the report. Your report should answer to at least following questions: What has happened? What was the timeline of the events? What kind of information or data have been stolen? What do you know about the attacker?

You get 200 points for this challenge.

Solvers: no one

pcap 2018

← Back to challenges