Forum Discussion

ba20's avatar
ba20
Icon for Bronze I rankBronze I
6 months ago

Need help on question 10 in "Wizard Spider DFIR: Ep.2 – Ransomware Analysis" lab

Based on the name of the .html files, file hash and the behavior observed, what is the name of the ransomware used by the attackers?

 

How can I approach the search for the above task on elastic search

3 Replies

  • Anonymous's avatar
    Anonymous

    H ba20 glad you've solved this! Would you mind sharing how you successfully approached the search with the rest of the community, in case anyone else is stuck on this lab? Thanks!