We've noticed some weird activity on the port TCP/8888 coming from our new admin VM. Can you help us identify what's going on ?
Our brand new admin John Doe told us that he received an email about a resume. You'll find a copy of this email.
HINT: 1 - Identify the C&C address 2 - Trace the malware origin (bits n stego)
There's 3 flags to find in total.