Instructions:
- Uncompress the lab (pass: cyberdefenders.org)
Scenario:
You are part of the Threat Intelligence team in the SOC (Security Operations Center). An executable file has been discovered on a colleague’s computer, and it’s suspected to be linked to a Command and Control (C2) server, indicating a potential malware infection.
Your task is to investigate this executable by analyzing its hash. The goal is to gather and analyze data that is beneficial to other SOC members, including the Incident Response team, in order to efficiently respond to this suspicious behavior.
Tools:
- Whois
- VirusTotal
- MalwareBazaar
- ThreatFox