Forum Discussion

Bronze III

21 days ago

Solved

APT29 Threat Hunting with Splunk: Demonstrate Your Skills - Question 10

In relation towards the question : A PowerShell script was initially executed to extract encoded data from an image file. What is the full ParentCommandLine field value used to execute this? I am p...

help & support

immersive labs

kevinh
19 days ago
nevermind, I just had to parse for powershell commands with image file extensions, with the help of Gemini

kevinh

Bronze III

19 days ago

nevermind, I just had to parse for powershell commands with image file extensions, with the help of Gemini

Forum Discussion

APT29 Threat Hunting with Splunk: Demonstrate Your Skills - Question 10

Featured Places

Help

Related Content

APT29 Threat Hunting with Splunk: Ep.11 – Demonstrate Your Skills - Question to Q9

Threat Hunting Mining Behaviour - Question 1

APT29 Threat Hunting with Elasticsearch: Ep.11 – Demonstrate Your Skills

Threat Hunting: Cowrie Honeypot - Question on Panama

PowerShell Basics: Demonstrate Your Skills question 11/12

Recent Discussions

Healthcare Compliance

CTI First Principles: Threat actors and attribution Q9

Error in lab in SVMs Behavior Detection

Malicious Document Analysis: Dropper Analysis

Advanced CTF Challenge: Inner Maze