Forum Discussion

Bronze II

9 months ago

Solved

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Hello, I'm trying to solve Question 4 of the "Threat Research: Cobalt Strike C2 – SIEM Analysis" lab, I've solved every other question EXCEPT that one. "What's the earliest @timestamp for the retu...

help & support

ColeS
9 months ago
Hey folks, I consulted with a colleague who finished the lab and got the answer with their advice. Format of the answer is HH.MM.SS (periods instead of colons), and they used event.created field instead of @timestamp. Also gotta check timezones ;)

The wording of the question is a bit misleading here, may want to address that?

ColeS

Bronze II

9 months ago

Hey folks, I consulted with a colleague who finished the lab and got the answer with their advice. Format of the answer is HH.MM.SS (periods instead of colons), and they used event.created field instead of @timestamp. Also gotta check timezones ;)

The wording of the question is a bit misleading here, may want to address that?

KieranRowley

Community Manager

9 months ago

Thank you for the feedback ColeS I will pass it along to the lab author

Forum Discussion

Threat Research: Cobalt Strike C2 – SIEM Analysis - Question 4

Featured Places

Help & Support Forum

Related Content

Practical Malware Analysis: Static Analysis question 18

Practical Malware Analysis: Static Analysis question 19

Threat Research: Dependency Confusion Q8

How to Answer a Question

How to Ask a Question

Recent Discussions

Hack Your First Web App: Ep.4 Missing Cookie

It seems correct answer is not accepted.

Help with Introduction to Python Scripting: Ep.7 – Demonstrate Your Skills

Privilege Escalation: Windows – Finding Passwords

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.