# Quick Malware Analysis: Emotet Epoch 5 and Cobalt Strike pcap from 2022-02-08

**[blog.securityonion.net/2022/02/quick-malware-analysis-emotet-epoch-5.html](https://blog.securityonion.net/2022/02/quick-malware-analysis-emotet-epoch-5.html)**

Thanks to Brad Duncan for sharing this Emotet Epoch 5 pcap!
[https://www.malware-traffic-analysis.net/2022/02/08/index.html](https://www.malware-traffic-analysis.net/2022/02/08/index.html)

We did a quick analysis of this pcap on the latest version of Security Onion via so-importpcap:

[https://docs.securityonion.net/en/2.3/so-import-pcap.html](https://docs.securityonion.net/en/2.3/so-import-pcap.html)

The screenshots below show some of the interesting Suricata alerts, Zeek logs, session
transcripts, and observables.

**About Security Onion**

Security Onion is a versatile and scalable platform that can run on small virtual machines
and can also scale up to the opposite end of the hardware spectrum to take advantage of
extremely powerful server-class machines. Security Onion can also scale horizontally,
growing from a standalone single-machine deployment to a full distributed deployment with
tens or hundreds of machines as dictated by your enterprise visibility needs.

To learn more about Security Onion, please see:

[https://securityonion.net](https://securityonion.net/)

[https://securityonion.net/docs](https://securityonion.net/docs)

**More Samples**

Find all of our Quick Malware posts at:

[https://blog.securityonion.net/search/label/quick%20malware%20analysis](https://blog.securityonion.net/search/label/quick%20malware%20analysis)

**Screenshots**

Click the first image to start the screenshot tour:


-----

-----

-----

-----

-----

-----

-----

-----

-----

-----

-----

-----