ioc[.]one - OSINT Cyber Threat Intelligence Database

CyberDefenders — Ramnit Blue Team Lab Walkthrough

Tags

country:	Hong Kong
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	94966b6b-7432-4855-be38-478d0670dcb2
Fingerprint	bd2add0129b20681
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Nov. 4, 2024, 12:02 a.m.
Added to db	Nov. 4, 2024, 1:21 a.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	CyberDefenders— Ramnit Blue Team Lab Walkthrough
Title	CyberDefenders — Ramnit Blue Team Lab Walkthrough
Detected Hints/Tags/Attributes	44/2/20

Source URLs

	Redirection	Url
Details	Source	https://stumblesec.medium.com/cyberdefenders-ramnit-blue-team-lab-walkthrough-d2311959d5f3?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	stumblesec.medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	44	cyberdefenders.org
Details	Domain	123	ipinfo.io
Details	Domain	11	remnux.org
Details	Domain	4127	github.com
Details	Domain	170	www.sans.org
Details	Domain	268	www.virustotal.com
Details	File	25	windows.ps
Details	File	9	memory.dmp
Details	File	18	chromesetup.exe
Details	Github username	10	volatilityfoundation
Details	sha256	1	1ac890f5fa78c857de42a112983357b0892537b73223d7ec1e1f43f8fc6b7496
Details	IPv4	1	58.64.204.181
Details	Url	2	https://cyberdefenders.org/blueteam-ctf-challenges/ramnit
Details	Url	5	https://remnux.org
Details	Url	2	https://github.com/volatilityfoundation/volatility3
Details	Url	1	https://www.sans.org/posters/hunt-evil
Details	Url	2	https://github.com/volatilityfoundation/volatility/wiki/command-reference
Details	Url	9	https://ipinfo.io
Details	Url	1	https://www.virustotal.com/gui/ip-address/58.64.204.181/details
Details	Url	1	https://www.virustotal.com/gui/file/1ac890f5fa78c857de42a112983357b0892537b73223d7ec1e1f43f8fc6b7496/details