Parsing binary files :: Velociraptor - Digging deeper!
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Powershell - T1059.001 Python - T1059.006 Tool - T1588.002 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | db4e9d11-7e6f-4168-b1f0-3382bc56842c |
| Fingerprint | 34431e10253d4eb6 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 19, 2021, midnight |
| Added to db | Aug. 31, 2024, 2:11 a.m. |
| Last updated | Sept. 21, 2024, 7:34 a.m. |
| Headline | Parsing binary files |
| Title | Parsing binary files :: Velociraptor - Digging deeper! |
| Detected Hints/Tags/Attributes | 29/1/8 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 104 | ✔ | Velociraptor Blog | https://docs.velociraptor.app/blog/index.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 35 | www.velocidex.com |
|
| Details | File | 1 | x.url |
|
| Details | File | 1 | forensics.cer |
|
| Details | File | 15 | windows.sys |
|
| Details | Github username | 9 | velocidex |
|
| Details | Url | 1 | https://github.com/velocidex/velociraptor/blob/master/artifacts/definitions/windows/forensics/certutil.yaml |
|
| Details | Url | 5 | https://www.velocidex.com/training |
|
| Details | Url | 7 | https://www.velocidex.com/discord. |