[TryHackMe] PS Eclipse
Tags
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Malicious File - T1204.002 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 52bdff5b-2606-4e48-9be9-6f64b18ac370 |
| Fingerprint | 88031c320557cf8a |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Sept. 30, 2024, 7:15 p.m. |
| Added to db | Sept. 30, 2024, 9:33 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | [TryHackMe] PS Eclipse |
| Title | [TryHackMe] PS Eclipse |
| Detected Hints/Tags/Attributes | 28/1/12 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | 886e-181-215-214-32.ngrok.io |
|
| Details | Domain | 1 | 9030-181-215-214-32.ngrok.io |
|
| Details | File | 2 | outstanding_gutter.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 60 | c:\windows\system32\schtasks.exe |
|
| Details | File | 2 | c:\windows\temp\coutstanding_gutter.exe |
|
| Details | File | 21 | script.ps1 |
|
| Details | File | 2 | blacksun.ps1 |
|
| Details | File | 2 | c:\users\keegan\downloads\vasg6b0wmw029hd\blacksun_readme.txt |
|
| Details | File | 2 | c:\users\public\pictures\blacksun.jpg |
|
| Details | Url | 1 | http://886e-181-215-214-32.ngrok.io |
|
| Details | Url | 1 | http://9030-181-215-214-32.ngrok.io |