This section consists of two sample deep-dives; the first being Trickbot and it's Active Directory components, and the second being an analysis of the Qbot banking trojan, from the very first stage, up until a network protocol & C2 communications analysis walkthrough.