Windows Event Logs | TryHackMe
Tags
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Downgrade Attack - T1562.010 Hardware - T1592.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Ssh - T1021.004 Tool - T1588.002 Account Manipulation - T1098 Logon Scripts - T1037 New Service - T1050 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID acafa548-b111-4387-9e3b-1d6afd28741a
Fingerprint f64cbe4329b3af86
Analysis status DONE
Considered CTI value -2
Text language
Published Aug. 2, 2023, 12:13 p.m.
Added to db Aug. 2, 2023, 2:30 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Windows Event Logs | TryHackMe
Title Windows Event Logs | TryHackMe
Detected Hints/Tags/Attributes 64/1/8
Source URLs
Redirection Url
Details Source https://medium.com/@huglertomgaw/windows-event-logs-tryhackme-ec4bec4082e2?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 281 
docs.microsoft.com
Details Domain 1 
docs.micro-soft.com
Details Domain 3 
igorsec.blog
Details File 95 
wevtutil.exe
Details File 1 
c:\\windows\\system32\\net1.exe
Details File 2 
c:\windows\system32\net1.exe
Details MITRE ATT&CK Techniques 112 
T1098
Details Url 3 
http://igorsec.blog