What type of malware infection is Example 1?
Use the file from Remotely Administrated Evil.
My custom Zeek script auto-extracted files during the Remotely Administrated Evil 1 challenge so I grabbed the MD5 hash (91506bc2a51501164b6a2b0c18ad1c44) of the malware and searched various malware analysis services. ANY.RUN had the sample tagged as _NetWire:
Making the completed flag,