Utilized Wireshark. Applied the filter http and !http.host==google.com and !http.host==www.google.com.
Revealed packet 60. Upon further investigating of that packet it's a python script.
If you analyze the python script you see that they're randomly choosing an encryption method. If you reverse the steps you can easily reveal the flag.
Was a type of Rat.
Was investigating using steghide. The steghide.jpg lead me to this software after a quick DuckDuckGo search.
[1-4].png are troublesome with steghide. I tried and failed to open steghide.jpg using steghide info steghide.jpg.
I then resorted to looking at it in hex and used Bless Hex Editor. No progress was made.
lolnope.jpg