Scenario

During a regular IT security check at GlobalTech Industries, abnormal network traffic was detected from multiple workstations. Upon initial investigation, it was discovered that certain employees' search queries were being redirected to unfamiliar websites. This discovery raised concerns and prompted a more thorough investigation. Your task is to investigate this incident and gather as much information as possible.

https://cyberdefenders.org/blueteam-ctf-challenges/yellow-rat/

Sample hash (SHA-256):

30E527E45F50D2BA82865C5679A6FA998EE0A1755361AB01673950810D071C85


1- Understanding the adversary helps defend against attacks. What is the name of the malware family that causes abnormal network traffic?

Yellow Cockatoo RAT

Search VirusTotal for the hash and open the Community tab; the analyst comments there name the malware family.

2- As part of our incident response, knowing common filenames the malware uses can help scan other workstations for potential infection. What is the common filename associated with the malware discovered on our workstations?

111bc461-1ca8-43c6-97ed-911e0e69fdf8.dll

The common filename is the name shown directly under the hash at the top of the VirusTotal report; the full list of submitted names is under Details → Names.
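Both answers come from the same VirusTotal file report, and the point of the second one is to take the filename back to the fleet and look for it. The script below is an added example, not part of the write-up or the challenge: it pulls the hash and the ranked filenames out of a JSON object shaped like the VirusTotal API v3 `GET /api/v3/files/{sha256}` response (the object here is constructed, with only the fields the code uses; the filename and hash are the ones from the write-up, `sample.bin` is invented to show the ranking), then sweeps a directory tree and flags files that match by name or by SHA-256. The demo builds a throwaway directory with constructed files, so it runs offline; the `renamed.tmp` file and its hash are constructed to show that a hash match still fires after a rename.

```python
"""Added example: derive a small IoC set from a VirusTotal-style file report
and sweep a directory tree for files matching it by name or SHA-256."""
import hashlib
import json
import os
import tempfile
from collections import Counter
from pathlib import Path

# SHA-256 of the challenge sample (value from the write-up).
SAMPLE_SHA256 = "30E527E45F50D2BA82865C5679A6FA998EE0A1755361AB01673950810D071C85".lower()

# Constructed stand-in for a VirusTotal API v3 /files/{id} response.
# Only the fields used below are present; "sample.bin" is invented.
VT_FILE_REPORT = {
    "data": {
        "id": SAMPLE_SHA256,
        "attributes": {
            "sha256": SAMPLE_SHA256,
            "meaningful_name": "111bc461-1ca8-43c6-97ed-911e0e69fdf8.dll",
            "names": [
                "111bc461-1ca8-43c6-97ed-911e0e69fdf8.dll",
                "111bc461-1ca8-43c6-97ed-911e0e69fdf8.dll",
                "sample.bin",
            ],
        },
    }
}


def iocs_from_report(report: dict) -> dict:
    """Extract the hash and the submitted filenames from a v3 file report.

    Names are ranked by how often they were submitted (the Details -> Names
    list); the most frequent one is the 'common' filename."""
    attrs = report["data"]["attributes"]
    ranked = [name for name, _ in Counter(attrs.get("names", [])).most_common()]
    return {
        "hashes": {attrs["sha256"].lower()},
        "common_name": ranked[0] if ranked else attrs.get("meaningful_name"),
        "names": set(ranked),
    }


def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large files don't load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def sweep(root: Path, iocs: dict) -> list:
    """Walk `root` and return (relative path, [reasons]) for every match.

    Name matches are case-insensitive (NTFS is); hashing is done as well,
    so a renamed copy is still caught."""
    hits = []
    lowered = {n.lower() for n in iocs["names"]}
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            p = Path(dirpath) / fn
            reasons = []
            if fn.lower() in lowered:
                reasons.append("name")
            try:
                if sha256_of(p) in iocs["hashes"]:
                    reasons.append("sha256")
            except OSError:
                continue  # unreadable file: skip it, don't abort the sweep
            if reasons:
                hits.append((p.relative_to(root).as_posix(), reasons))
    return sorted(hits)


def demo() -> list:
    """Build a constructed directory tree, sweep it, and return the hits."""
    iocs = iocs_from_report(VT_FILE_REPORT)
    renamed_content = b"constructed stand-in for the DLL after a rename"
    iocs["hashes"].add(hashlib.sha256(renamed_content).hexdigest())
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "AppData").mkdir()
        # dropped under the common name; placeholder bytes, so only the name matches
        (root / "AppData" / iocs["common_name"]).write_bytes(b"placeholder")
        # same payload under a different name; only the hash matches
        (root / "renamed.tmp").write_bytes(renamed_content)
        # benign file that must not be flagged
        (root / "readme.txt").write_text("nothing to see")
        return sweep(root, iocs)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

On a real workstation you would point `sweep` at the user profile or the whole drive and feed it the hash set from your own sightings as well as the VirusTotal one; the name-only hit is the weaker signal, so hits flagged only by `name` deserve a hash check against the sample before you act on them.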