bf7750
17 days agoBronze I
APT29 Threat Hunting with Elasticsearch: Ep.5 – LNK File Analysis - Tools?
I was able to complete Ep. 1-4 without much difficulty because I have previous experience with Elasticsearch. But this lab feels like getting pushed into the deep end with no floaties.
Not only is this lab not related at all to Elasticsearch, I don't see any links to the suite of tools that I am supposed to know about (Ghidra, procmon, HxD?) in order to decode and analyze malware. Did I miss the prerequisites for this series?
I am trying to find a path forward. I don't know where to start with this lab. I have been poking around for a while, but it hasn't been productive. Are there supporting labs that I should consider completing first? And if so, can the course material be updated to reflect this?