Forum Discussion

Bronze I

2 months ago

Solved

APT29 Threat Hunting with Elasticsearch: Ep.5 – LNK File Analysis - Tools?

I was able to complete Ep. 1-4 without much difficulty because I have previous experience with Elasticsearch. But this lab feels like getting pushed into the deep end with no floaties. Not only i...

help & support

netcat
2 months ago
You could do the "PowerShell Basics" and/or the "PowerShell Deobfuscation" series.
Or if you want a quick-start just try "strings <filename>" and start to investigate.

jamesstammers

Bronze I

2 months ago

Hello,

It is quite tricky getting started with this one because of the little information you're given. HxD is a good place to start, and with a little knowledge of how to decode popular encoding methods in the CLI you should be able to figure it out!

Forum Discussion

APT29 Threat Hunting with Elasticsearch: Ep.5 – LNK File Analysis - Tools?

Related Content

Malicious Document Analysis: Dropper Analysis

FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs

Help needed for Threat Hunting - Credential Access

Malicious Document Analysis: Dropper Analysis

Help needed for Threat Hunting: Mining Behaviour

Recent Discussions

Microsoft Sentinel SOAR: Playbooks Issue

Secure Testing: SQL Injection

python-scripting-for-malware-analysis-ep-5-code-obfuscation

Web App Hacking Lab

Introduction To Elastic: Ep.9 – ES|QL