I've checked about 5 different frameworks that might generate this "weird" traffic but no fingerprint matches the queries in the pcap file. If it is something custom made I don't have enough clues to solve it.
The challenge is bugged. Do not try to do this one with up-to-date Wireshark installed in Kali Linux. I have downloaded Wireshark 2.1.1 from their site on my Windows computer and the flag is there.