#HappyMonday everyone, and it's always a good start when a new report from The DFIR Report drops! This one includes #Truebot, #CobaltStrike, and ends in data exfiltration and the deployment of the #MBRKiller. Enjoy and Happy Hunting!
Link in the comments!
***I am going to leave one of the MITRE ATT&CK entries blank. I would like to see if any of you who see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!***
TA0001 - Initial Access
  T1566.002 - Phishing: Spearphishing Link
TA0002 - Execution
  T1053.005 - Scheduled Task/Job: Scheduled Task
  T1204.002 - User Execution: Malicious File
TA0003 - Persistence
  T1053.005 - Scheduled Task/Job: Scheduled Task
  T1078.003 - Valid Accounts: Local Accounts
TA0008 - Lateral Movement
  [Here is your chance to fill in the blanks! Enjoy!]
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
Zakaz #MBRKiller
CD1EDE7FF1E3F936C9AD7C26DC022AC6
D:\С++ Проекти\Virus Zakaz\Release\Virus Zakaz.pdb