This video tutorial demonstrates how malware C2 traffic can be decoded with CyberChef. The PCAP files with the analyzed network traffic can be downloaded from malware-traffic-analysis.net.

CyberChef recipe to decode the reverse shell traffic to 103.27.157.146:4444:

From_Hex('Auto') XOR({'option':'He[...]
Read the full writeup in the blog post Decoding malware C2 with CyberChef.