Phishing Email Analysis LAB-1

  1. What software was Attachment created with?

What do we need to analyze for this? I’ve tried many things, but none of them worked. Could you guide me? Also, what is the answer format?

11. What is the tracker id value? (lowercase)

I entered a value I found in Wireshark, but it’s still saying it’s incorrect. I tried lowercase letters and it started with ‘3’, but it’s still not working. Could you help me with this?

1 Like

You can search the file on online platforms like VirusTotal or analyze the file by exporting it. For the tracker id, it starts with M. When you save the traffic as an .eml file, the rendered version will be clearer.

I scanned it, but I think I’m looking in the wrong place. I still haven’t found its software format.

A hint: it is a very popular tool, you might guess it.

I am probably entering the correct answer, but I can’t succeed because the capitalization doesn’t match

The answer format is in lowercase.

2 Likes

I found the answer, thank you. However, I couldn’t find this information on VirusTotal. Isn’t it quite difficult to find this :smiley:

1 Like

I sent the explanation via DM.

2 Likes

“I couldn’t complete questions 4, 6, 8, and 9. Wireshark didn’t help much. What other tools should we use? TotalVirus wasn’t useful.”


You need to export the attachment file from the network traffic or search for the attachment in VirusTotal.

No matches found in VirusTotal. wordpressupdate.exe

Since you couldn’t find the hash value of the attachment, you can try to export the email and analyze it with a tool like PhishTool.

How to export the email? I’m trying…

Use Follow > TCP Stream to see the conversation and save the whole thing in .eml format.

I guess it didn’t work. When I open the phish tool, it shows it like in ASCII. How can I extract the file?
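One way to get the attachment out of a saved Follow > TCP Stream dump, as an added example that is not part of the thread: the saved stream still contains the SMTP commands and replies around the message, so the code cuts out the message between the `354` reply and the lone `.` line, parses it, and hashes each attachment. The session, addresses, file name and bytes below are constructed samples, not the lab's data.

```python
import base64
import hashlib
from email import message_from_bytes, policy

def message_from_smtp_stream(stream: bytes) -> bytes:
    """Cut the RFC 5322 message out of a saved SMTP conversation."""
    body, in_data = [], False
    for line in stream.replace(b"\r\n", b"\n").split(b"\n"):
        if not in_data:
            in_data = line.startswith(b"354")  # server's reply to DATA
            continue
        if line == b".":                       # end-of-data marker
            break
        # Undo SMTP dot-stuffing: the client prefixed an extra "." here.
        body.append(line[1:] if line.startswith(b".") else line)
    # No 354 seen: assume the input is already a bare message.
    return b"\r\n".join(body) + b"\r\n" if in_data else stream

def attachments(raw_message: bytes):
    """Return (parsed message, list of attachment records)."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    found = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""  # decodes base64
        found.append({"name": part.get_filename(),
                      "type": part.get_content_type(),
                      "sha256": hashlib.sha256(data).hexdigest(),
                      "data": data})
    return msg, found

# Constructed sample input (assumption): a minimal SMTP session.
SAMPLE_BYTES = b"MZ\x90\x00 constructed stand-in for an attachment"
SAMPLE_STREAM = (
    b"220 mx.example.test ESMTP\r\nEHLO c.example.test\r\n250 OK\r\n"
    b"MAIL FROM:<a@example.test>\r\n250 OK\r\n"
    b"RCPT TO:<b@example.test>\r\n250 OK\r\nDATA\r\n354 go ahead\r\n"
    b"Subject: constructed sample\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="B"\r\n\r\n'
    b"--B\r\nContent-Type: text/plain\r\n\r\n..dot-stuffed line\r\n"
    b"--B\r\nContent-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="sample.bin"\r\n'
    b"Content-Transfer-Encoding: base64\r\n\r\n"
    + base64.b64encode(SAMPLE_BYTES) + b"\r\n--B--\r\n"
    b".\r\n250 queued\r\nQUIT\r\n221 bye\r\n"
)

if __name__ == "__main__":
    msg, found = attachments(message_from_smtp_stream(SAMPLE_STREAM))
    print("Subject:", msg["Subject"])
    for a in found:
        print(a["name"], a["type"], a["sha256"])
```

Reading the saved stream file in binary mode and passing its bytes to `message_from_smtp_stream` gives the decoded attachment data plus a SHA-256 that can be searched on VirusTotal.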

  1. question: PhishTool says IP and port 10.4.2.80/80, but it didn’t work.
    I have completed question 4, I didn’t notice it earlier.

For question 1, I recommend carefully examining the “Behavior” section on VirusTotal.

1 Like

I did it, thank you.

1 Like

This may sound silly, but when I upload the file, there is no Behavior section on VirusTotal.