Forum Discussion

Bronze II

9 months ago

Solved

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Hello, I'm trying to solve Question 4 of the "Threat Research: Cobalt Strike C2 – SIEM Analysis" lab, I've solved every other question EXCEPT that one. "What's the earliest @timestamp for the retu...

help & support

ColeS
9 months ago
Hey folks, I consulted with a colleague who finished the lab and got the answer with their advice. Format of the answer is HH.MM.SS (periods instead of colons), and they used event.created field instead of @timestamp. Also gotta check timezones ;)

The wording of the question is a bit misleading here, may want to address that?

TillyCorless

Community Manager

9 months ago

Hi ColeS

Thanks for the question and sharing where you think you might need some assistance. Let me speak to the lab author and get back to you, unless any member of the community has completed this lab and can offer some advice in the meantime!

Forum Discussion

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Featured Places

Help & Support Forum

Related Content

Practical Malware Analysis: Static Analysis question 18

Practical Malware Analysis: Static Analysis question 19

Threat Research: Dependency Confusion Q8

How to Answer a Question

How to Ask a Question

Recent Discussions

A Letter to Santa

Hack Your First Web App: Ep.6 - Hydra

GuardDuty: Demonstrate Your Skills

Infrastructure Hacking: Responder Network Poisoning

copy-paste-compromise-malicious-documents-analysis