Forum Discussion
Brute Ratel: Extracting Indicators of Compromise
Hi Team, Please assist me with "Brute Ratel: Extracting Indicators of Compromise" Lab, I am stuck with Q. 4 and 7. Thank you!
7. Look at sample2.exe. What IP address can be found in the configuration section?
4. What sequence of hexadecimal characters is used to separate sections of the configuration block? (\xDE\xAD\xBE)
netcat
Advocate
AdvocateWe can't give you the solution, but if you tell what you did you'll get hints to point you to the right direction.
- SamDickison
Community Manager
Hey Phoenix123 did you manage to complete the lab in the end?
