Forum Discussion

Bronze II

9 months ago

Solved

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Hello, I'm trying to solve Question 4 of the "Threat Research: Cobalt Strike C2 – SIEM Analysis" lab, I've solved every other question EXCEPT that one. "What's the earliest @timestamp for the retu...

help & support

ColeS
9 months ago
Hey folks, I consulted with a colleague who finished the lab and got the answer with their advice. Format of the answer is HH.MM.SS (periods instead of colons), and they used event.created field instead of @timestamp. Also gotta check timezones ;)

The wording of the question is a bit misleading here, may want to address that?

TillyCorless

Community Manager

9 months ago

Hi ColeS

Thanks for the question and sharing where you think you might need some assistance. Let me speak to the lab author and get back to you, unless any member of the community has completed this lab and can offer some advice in the meantime!

Forum Discussion

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Featured Places

Help & Support Forum

Related Content

Practical Malware Analysis: Static Analysis question 18

Practical Malware Analysis: Static Analysis question 19

Threat Research: Dependency Confusion Q8

How to Answer a Question

How to Ask a Question

Recent Discussions

Hack Your First Web App: Ep.4 Missing Cookie

It seems correct answer is not accepted.

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Privilege Escalation: Windows – Finding Passwords

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.