Forum Discussion

Bronze II

4 months ago

Solved

APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills - Question to Q9

Hello everyone I can't find the solution to question 9 (How many file types were exfiltrated at this stage?) in APT29 Threat Hunting with Splunk: Ep.11 - Demonstrate Your Skills. I thought it was th...

challenges

defensive cyber

help & support

steven
4 months ago
you should find something like:
ParameterBinding(Get-ChildItem): name="Include"; value="*.doc, *.xps, ....
just count all the fileendings and count them.

steven

Silver II

4 months ago

you should find something like:

ParameterBinding(Get-ChildItem): name="Include"; value="*.doc, *.xps, ....

just count all the fileendings and count them.

technowooki
Bronze II
4 months ago
Thx for the help. :)

Forum Discussion

APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills - Question to Q9

Featured Places

Help & Support Forum

Related Content

How to Answer a Question

How to Ask a Question

S3: Demonstrate Your Skills

Help needed for Threat Hunting: Mining Behaviour

FIN7 Threat Hunting with Splunk: Ep.3 – Execution Logs

Recent Discussions

Foundational Static Analysis: API Analysis step 10

copy-paste-compromise-malicious-documents-analysis

Brute Ratel: Extracting Indicators of Compromise

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.

Snort Rules: Ep.9 – Exploit Kits