septMeetii1.mp4

The file drops a secondary payload and communicates with an external Command & Control (C2) server.

The file masquerades as a standard video file (.mp4) to evade casual observation. However, upon execution in the sandbox environment, it exhibits classic malware behavior by attempting to establish persistence and calling home to a suspicious IP address.

The primary indicator of compromise (IoC) is the MD5 hash e1d5f9920d3674697920409a8ec3f898. This is what you need to block in the "Hashes" section of the PicoSecure dashboard.
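The two checks described above, a hash blocklist lookup and an extension-versus-content comparison, can be combined in a small triage helper. This is an added example, not part of the challenge or the PicoSecure tooling; the function names and the sample byte strings are assumptions constructed for illustration, and the real sample's internal format is not stated on this page.

```python
import hashlib

# MD5 IoC quoted on this page; extend with hashes from your own feed.
BLOCKED_MD5 = {"e1d5f9920d3674697920409a8ec3f898"}

def looks_like_mp4(data: bytes) -> bool:
    """ISO base media files (MP4) carry the box type 'ftyp' at bytes 4..8."""
    return len(data) >= 12 and data[4:8] == b"ftyp"

def identify(data: bytes) -> str:
    """Name the content type from leading magic bytes (small illustrative set)."""
    if looks_like_mp4(data):
        return "mp4"
    if data[:2] == b"MZ":
        return "windows-executable"
    if data[:4] == b"\x7fELF":
        return "elf-executable"
    if data[:2] == b"#!":
        return "script"
    return "unknown"

def triage(name: str, data: bytes, blocked=BLOCKED_MD5) -> dict:
    """Report the MD5, a blocklist hit, and whether a .mp4 name hides other content."""
    md5 = hashlib.md5(data).hexdigest()  # MD5 only because the IoC is an MD5
    kind = identify(data)
    claims_mp4 = name.lower().endswith(".mp4")
    return {
        "md5": md5,
        "detected_type": kind,
        "hash_blocked": md5 in blocked,
        "masquerading": claims_mp4 and kind != "mp4",
    }

# Constructed samples: a minimal MP4 header, and an executable stub named .mp4.
REAL_MP4 = b"\x00\x00\x00\x18ftypisom\x00\x00\x02\x00isomiso2" + b"\x00" * 16
FAKE_MP4 = b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 56

if __name__ == "__main__":
    for label, blob in (("clip.mp4", REAL_MP4), ("renamed.mp4", FAKE_MP4)):
        print(label, triage(label, blob))
```

The hash check stops matching as soon as one byte of the file changes, while the content-type check still flags the renamed file, which is why the hash sits at the bottom of the Pyramid of Pain.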

It sounds like you're working through the (part of the SOC Level 1 path). In this challenge, septMeetii1.mp4 is a malicious file used by an adversary.

To progress in the task and climb the "Pyramid of Pain," you should take the following actions in the simulation:

Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238.
