ioc[.]one - OSINT Cyber Threat Intelligence Database

SECPlayground Hackloween CTF 2024 [Log Analysis & Incident write-up — R@b!T_T]

Tags

country:	Canada
attack-pattern:	Artificial Intelligence - T1588.007 Powershell - T1059.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Powershell - T1086 Rundll32 - T1085

Show in Graph

Common Information

Type	Value
UUID	9ea12cd6-25dc-44c7-8d3f-0508d1dee496
Fingerprint	5588dcf36026cd99
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Nov. 1, 2024, 4:26 a.m.
Added to db	Nov. 1, 2024, 5:30 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	SECPlayground Hackloween CTF 2024 [Log Analysis & Incident write-up — R@b!T_T]
Title	SECPlayground Hackloween CTF 2024 [Log Analysis & Incident write-up — R@b!T_T]
Detected Hints/Tags/Attributes	40/2/16

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@chaoskist/secplayground-hackloween-ctf-2024-log-analysis-incident-write-up-r-b-t-t-68efddf158fa?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	372		wscript.shell
Details	Domain	358		pastebin.com
Details	Domain	1		packet.zip
Details	File	2125		cmd.exe
Details	File	41		sample.exe
Details	File	1		packet.zip
Details	File	91		access.log
Details	File	49		error.log
Details	File	1204		index.php
Details	File	1		c:\xampp\htdocs\cli\index.php
Details	File	1		c:\\xampp\htdocs\cli\index.php
Details	sha256	1		6b6ec76ffb5c8922a34e4ef6f4fe39b4e7ebca7e7efe6252dbbe7d4252fc1a1e
Details	IPv4	6		192.168.1.116
Details	IPv4	38		10.10.10.10
Details	IPv4	2		192.168.1.184
Details	Url	1		https://pastebin.com/raw/nhwettjh