CyCTF24 Qualification | Forensics
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Tool - T1588.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 97af1c0c-e393-4943-9076-0b7c72e4f3bc
Fingerprint 5fc798abada577c1
Analysis status DONE
Considered CTI value -2
Text language
Published Nov. 3, 2024, 4:22 p.m.
Added to db Nov. 3, 2024, 5:30 p.m.
Last updated Nov. 17, 2024, 5:58 p.m.
Headline CyCTF24 Qualification | Forensics
Title CyCTF24 Qualification | Forensics
Detected Hints/Tags/Attributes 29/1/9
Source URLs
Redirection Url
Details Source https://ahmed-naser.medium.com/cyctf24-qualification-forensics-0f8dbc398ec3?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com ahmed-naser.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 11 
'system.dll
Details File 748 
kernel32.dll
Details IPv4 1 
192.168.116.129
Details Url 1 
http://192.168.116.129:80/klea
Details Windows Registry Key 4 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Details Windows Registry Key 1 
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.phantom\OpenWithList
Details Windows Registry Key 1 
HKCU\Software\Microsoft\GameApi
Details Windows Registry Key 2 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist
Details Windows Registry Key 1 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets