Escape — Vulnlab Full Walkthrough
Tags
| attack-pattern: | Dns - T1071.004 Dns - T1590.002 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 0833af78-6e01-4a1c-a193-fb25350266bd |
| Fingerprint | 8652e21e072127c3 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Sept. 24, 2024, 11:38 a.m. |
| Added to db | Sept. 24, 2024, 2:10 p.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Escape — Vulnlab Full Walkthrough |
| Title | Escape — Vulnlab Full Walkthrough |
| Detected Hints/Tags/Attributes | 25/1/15 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 107 | aka.ms |
|
| Details | File | 1 | profiles.xml |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 2 | bulletspassview.exe |
|
| Details | File | 1 | c:\_admin\bulletspassview.exe |
|
| Details | File | 1 | c:\_admin\profiles.xml |
|
| Details | File | 1 | c:\users\kioskuser0\downloads\profiles.xml |
|
| Details | File | 5 | rdp.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 3 | c:\users\administrator\desktop\root.txt |
|
| Details | IPv4 | 1 | 10.10.108.66 |
|
| Details | IPv4 | 1 | 10.10.117.161 |
|
| Details | IPv4 | 9 | 10.8.3.192 |
|
| Details | IPv6 | 1 | c308:e000:e03e:b693:95ab:b745:b3bf:1754 |
|
| Details | Url | 1 | https://aka.ms/pscore6 |