Analyse the first task (Exercise A). To do this, evaluate the communication with the server. How is the download started? What are the differences in the tracks compared to normal downloads?
The file of the second task (Exercise B) uses a special signature. What is it about?
Then go through the next trainings. Which method is used to obfuscate the downloads?
Downloads based on the eicar examples files for AV scanners. The payload is base64 encoded and hidden in an image by CryptoStego.