Forum Discussion

Phoenix123's avatar
Phoenix123
Icon for Bronze I rankBronze I
4 months ago

Brute Ratel: Extracting Indicators of Compromise

Hi Team,  Please assist me with "Brute Ratel: Extracting Indicators of Compromise" Lab, I am stuck with Q. 4 and 7. Thank you!
immersive labs
Phoenix123's avatar
Phoenix123
Icon for Bronze I rankBronze I
4 months ago

7. Look at sample2.exe. What IP address can be found in the configuration section?

4. What sequence of hexadecimal characters is used to separate sections of the configuration block? (\xDE\xAD\xBE)

netcat's avatar
netcat
Icon for Silver III rankSilver III
4 months ago

We can't give you the solution, but if you tell what you did you'll get hints to point you to the right direction.

  • SamDickison's avatar
    SamDickison
    Icon for Community Manager rankCommunity Manager
    16 hours ago

    Hey Phoenix123​ did you manage to complete the lab in the end?