1
00:00:00,750 --> 00:00:10,320
In this lecture I will explain about how to use the follow TCB stream feature in Wired shark to find

2
00:00:10,410 --> 00:00:19,020
malicious files and then instruct them to be analyzed with a surface like Virus Total for example.

3
00:00:19,890 --> 00:00:22,360
So here is security union.

4
00:00:22,420 --> 00:00:41,130
If I opened the quill application then I would go to the escalating events and then click on the alert

5
00:00:41,160 --> 00:00:45,570
I.D. and then select to why would do our shark.

6
00:00:47,030 --> 00:00:50,200
So here why a shark.

7
00:00:50,200 --> 00:01:00,620
If I clicked on follow stream and from our it is in squeal

8
00:01:03,780 --> 00:01:13,270
if we click control you see that we have an excel file so why a shark.

9
00:01:13,410 --> 00:01:28,110
I will search for the XY and here we see that we have this UHC file so now in white shark I will struck

10
00:01:28,230 --> 00:01:29,240
me fine.

11
00:01:31,410 --> 00:01:39,800
So how you see the file and I will save it into the scope.

12
00:01:39,840 --> 00:01:59,660
Example and then I will open a browser then I will go to Virus Total and then we upload the file.

13
00:01:59,740 --> 00:02:08,980
Now we see that the file is being released so we see that file is indeed malicious and is protected

14
00:02:08,980 --> 00:02:09,370
by

15
00:02:12,060 --> 00:02:14,730
most viruses.

16
00:02:14,730 --> 00:02:22,170
So in this little I have explained how to use the follow TCB stream feature in my shark to find malicious

17
00:02:22,170 --> 00:02:28,530
files and then extract them to be analyzed by surfaces like virus total.

18
00:02:28,530 --> 00:02:29,130
For example.