Forum Discussion

Bronze III

6 days ago

APT34: PoisonFrog - Question 6

For the What is the name of the file that executes the HTTP and DNS handling scripts?, I am confused on where I should be digging deeper as the powershell script was showcased to be wrong in terms ...

help & support

immersive labs

SamDickison

Community Manager

57 minutes ago

Hey kevinh since it's been a few days, I tried to find a hint for you. I hope it helps:

"Look closely at how the PoisonFrog C2 framework is structured on the filesystem. The framework relies on a main orchestration file (often a PowerShell or server-side script) that listens for connections and serves as the master coordinator for those individual HTTP and DNS protocol-handling scripts."

I hope that's correct. Perhaps a Community member can give you a better tip....

Forum Discussion

APT34: PoisonFrog - Question 6

Featured Places

Help

Related Content

APT34: Glimpse - Question 4

Ransomware: Darkside - Question 9

How to Answer a Question

How to Ask a Question

Ransomware: Darkside - Question 8

Recent Discussions

APT34: PoisonFrog - Question 6

APT34: Glimpse - Question 4

Hafnium: ProxyLogon (Offensive) - Question 3

Hafnium: ProxyLogon (Offensive) - Question 3

Threat Actors: Salt Typhoon – SNAPPYBEE Campaign Analysis - Question 3