Retrospective Summary of a Live Attack-Defense Exercise
Common Information
Type Value
UUID 4e1fb22d-c0ca-48aa-9573-541228abae3c
Fingerprint 6206e0588fd06acf
Analysis status DONE
Considered CTI value 0
Text language
Published May 28, 2019, midnight
Added to db Dec. 19, 2024, 11:52 a.m.
Last updated Dec. 23, 2024, 9:20 a.m.
Headline Retrospective Summary of a Live Attack-Defense Exercise
Title Retrospective Summary of a Live Attack-Defense Exercise
Detected Hints/Tags/Attributes 19/1/14
Source URLs
Attributes
Details Type #Events CTI Value
Details Domain 307
microsoft.net
Details Domain 40
pan.baidu.com
Details Domain 6752
163.com
Details File 1
使用完后删除access.log
Details File 1354
powershell.exe
Details File 258
wmic.exe
Details File 1
1.xsl
Details File 64
csc.exe
Details File 1
enterpriseservices.dll
Details File 305
msiexec.exe
Details File 1
检测通过url.dll
Details Url 1
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-f--securing-domain-admins-groups-in-active-directory配置域管理员权限
Details Url 1
http://x.x.x.x:81/aa
Details Url 1
https://pan.baidu.com/s/1kyt2zgimjd0l-vyr1nvnzg