Nice Duck!

This was pitched as a Medium difficulty Forensics challenge. You are provided with a file entitled duck.pcapng.

Opening the file in Wireshark shows what appears to be a network capture made by a device on a local machine (perhaps a Rubber Ducky!), monitoring web traffic from localhost.

Exploring the TCP streams in Statistics->Conversations shows a webpage with a link to a file named flag.png (this is a red herring). Also in the streams is the download of an MP4 entitled movie.mp4.

Completing the challenge is as easy as going to File->Export Objects->HTTP and selecting movie.mp4.

Once exported, you can view the rather charming video, and find the flag overlaid about halfway through as a title.
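
What Export Objects does for a stream like this can be reproduced by hand, which also lets you check that an exported file really is an MP4 rather than trusting its name. The Python below is an added example, not part of the original writeup: the stream bytes are constructed sample data (not taken from duck.pcapng) and the function names are hypothetical.

```python
# Added example: carve HTTP response bodies from one reassembled TCP stream
# (the bytes you get from Follow TCP Stream -> Raw) and sniff their real type.

MAGIC = {
    "png": lambda b: b.startswith(b"\x89PNG\r\n\x1a\n"),
    "mp4": lambda b: len(b) >= 8 and b[4:8] == b"ftyp",  # ISO BMFF ftyp box
}

def parse_response(stream: bytes):
    """Split one HTTP/1.x response into (status, headers, body, rest)."""
    head, sep, rest = stream.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.decode("latin-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if "chunked" in headers.get("transfer-encoding", "").lower():
        raise ValueError("chunked transfer-encoding is not supported here")
    # Without Content-Length the body runs to the end of the connection.
    length = int(headers.get("content-length", len(rest)))
    if length > len(rest):
        raise ValueError("body truncated: capture is missing segments")
    return status, headers, rest[:length], rest[length:]

def carve_objects(stream: bytes):
    """Return [(status, declared_type, sniffed_type, body)] per response."""
    out = []
    while stream:
        status, headers, body, stream = parse_response(stream)
        sniffed = next((k for k, f in MAGIC.items() if f(body)), "unknown")
        out.append((status, headers.get("content-type", ""), sniffed, body))
    return out

def sample_stream() -> bytes:
    """Constructed keep-alive stream: an HTML page, then a minimal MP4 header."""
    html = b'<a href="flag.png">flag</a>'
    mp4 = b"\x00\x00\x00\x18ftypisom" + b"\x00\x00\x02\x00" + b"isomiso2"
    def resp(ctype, body):
        return (b"HTTP/1.1 200 OK\r\nContent-Type: " + ctype +
                b"\r\nContent-Length: " + str(len(body)).encode() +
                b"\r\n\r\n" + body)
    return resp(b"text/html", html) + resp(b"video/mp4", mp4)

if __name__ == "__main__":
    for status, declared, sniffed, body in carve_objects(sample_stream()):
        print(status, declared, sniffed, len(body))
```

A truncated body raises an error instead of silently writing a short file, which is the case to watch for when a capture has dropped segments.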


