Threat Hunting Series: Using Threat Emulation for Threat Hunting
Common Information
Type Value
UUID 22e1fc94-1b47-4cb3-81a6-12528c7a9a4f
Fingerprint 353a1b9cad3d9e93
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 14, 2022, 12:19 p.m.
Added to db Oct. 15, 2022, 8:50 a.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Threat Hunting Series: Using Threat Emulation for Threat Hunting
Title Threat Hunting Series: Using Threat Emulation for Threat Hunting
Detected Hints/Tags/Attributes 47/1/23
Attributes
Type #Events CTI Value
Domain 2 detectionlab.network
Domain 28 www.splunk.com
Domain 4 cyberwoxacademy.com
Domain 1 www.cyberhuntingguide.net
Domain 4 systemweakness.com
Domain 208 learn.microsoft.com
Domain 4128 github.com
Domain 18 uncoder.io
File 1 introducing-splunk-attack-range-v2-0.html
File 1 creating-homelab.html
File 165 reg.exe
File 2127 cmd.exe
File 1209 powershell.exe
Github username 2 nasbench
Url 2 https://detectionlab.network
Url 1 https://www.splunk.com/en_us/blog/security/introducing-splunk-attack-range-v2-0.html
Url 1 https://cyberwoxacademy.com/building-a-cybersecurity-homelab-for-detection-monitoring
Url 1 https://www.cyberhuntingguide.net/creating-homelab.html
Url 1 https://systemweakness.com/active-directory-home-lab-w-powershell-2022-guide-a87311182ab2
Url 2 https://www.ired.team/offensive-security/credential-access-and-credential-dumping/forcing-wdigest-to-store-credentials-in-plaintext
Url 2 https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon#events
Url 1 https://github.com/nasbench/sigma-resources.
Url 4 https://uncoder.io