Tryhackme SOC L1 Capstones.
Tags
| attack-pattern: | Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Powershell - T1059.001 Tool - T1588.002 Connection Proxy - T1090 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 363e37ca-f5eb-423b-83a9-9a42d0036ffd |
| Fingerprint | bc03989125a557c1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 7, 2024, 10:33 p.m. |
| Added to db | Oct. 8, 2024, 12:46 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Tryhackme SOC L1 Capstones. |
| Title | Tryhackme SOC L1 Capstones. |
| Detected Hints/Tags/Attributes | 44/1/27 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 22 | update.zip |
|
| Details | Domain | 2 | phishteam.xyz |
|
| Details | Domain | 2 | resolvecyber.xyz |
|
| Details | File | 2 | free_magicules.doc |
|
| Details | File | 33 | msdt.exe |
|
| Details | File | 1 | c:\users\benimaru\appdata\roaming\microsoft\windows\start menu\programs\startup\update.zip |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 6 | first.exe |
|
| Details | File | 2 | c:\users\public\downloads\first.exe |
|
| Details | File | 816 | index.html |
|
| Details | File | 2 | c:\users\benimaru\downloads\ch.exe |
|
| Details | File | 25 | wsmprovhost.exe |
|
| Details | File | 2 | spf.exe |
|
| Details | File | 5 | final.exe |
|
| Details | File | 23 | c:\windows\system32\sc.exe |
|
| Details | File | 2 | c:\programdata\final.exe |
|
| Details | sha256 | 2 | cb3a1e6acfb246f256fbfefdb6f494941aa30a5a7c3f5258c3e63cfa27a23dc6 |
|
| Details | sha256 | 2 | 665dc3519c2c235188201b5a8594fea205c3bcbc75193363b87d2837aca3c91f |
|
| Details | sha256 | 2 | d0279d5292bc5b25595115032820c978838678f4333b725998cfe9253e186d60 |
|
| Details | sha256 | 2 | ce278ca242aa2023a4fe04067b0a32fbd3ca1599746c160949868ffc7fc3d7d8 |
|
| Details | sha256 | 3 | 8a99353662ccae117d2bb22efd8c43d7169060450be413af763e8ad7522d2451 |
|
| Details | sha256 | 2 | 8524fbc0d73e711e69d60c64f1f1b7bef35c986705880643dd4d5e17779e586d |
|
| Details | IPv4 | 2 | 167.71.199.191 |
|
| Details | IPv4 | 2 | 167.71.222.162 |
|
| Details | Url | 2 | http://phishteam.xyz/02dcf07/first.exe |
|
| Details | Url | 2 | http://phishteam.xyz/02dcf07/index.html |