TryHackMe | Investigating with Splunk Walkthrough
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Powershell - T1059.001 Tool - T1588.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | 6f381b59-d352-4406-a759-422c26109bc9 |
| Fingerprint | b041011385a3c440 |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | March 7, 2023, 5:03 p.m. |
| Added to db | March 7, 2023, 7:22 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | TryHackMe | Investigating with Splunk Walkthrough |
| Title | TryHackMe | Investigating with Splunk Walkthrough |
| Detected Hints/Tags/Attributes | 28/1/6 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | www.ultimatewindowssecurity.com |
|
| Details | File | 31 | c:\windows\system32\wbem\wmic.exe |
|
| Details | IPv4 | 9 | 10.10.10.5 |
|
| Details | Url | 3 | http://10.10.10.5/news.php |
|
| Details | Url | 1 | https://www.ultimatewindowssecurity.com/securitylog/encyclopedia |
|
| Details | Windows Registry Key | 3 | HKLM\SAM\SAM\Domains\Account\Users\Names\A1berto |