Forum Discussion

Bronze III

20 hours ago

Ransomware: Darkside - Question 9

In terms of determining the name of the service that is installed after the ransomware was executed, there doesn't seem to be any service installation activities observed from the endpoint. Wonde...

Bronze III

19 hours ago

When parsing for the service names during execution I am also struggling to find a meaningful link as well

Which includes parsing for the eventID itself

Forum Discussion

Ransomware: Darkside - Question 9

Featured Places

Help

Related Content

Ransomware: Darkside - Question 8

How to Answer a Question

How to Ask a Question

Ransomware: Annabelle Entry Point

Ransomware: Bad Rabbit - Registry key

Recent Discussions

Apache Header Tampering

Ransomware: Darkside - Question 9

Ransomware: Darkside - Question 8

AI Blue Teaming Foundations: Introduction to AI Blue Teaming (Part 2) - Q7 Impossible

Modern Encryption Issue