Ransomware Investigation with Splunk | TryHackMe PS Eclipse

Поделиться
HTML-код
  • Опубликовано: 14 ноя 2022
  • In this video walk-through, we used Splunk to investigate the ransomware activity on a Windows machine. The ransomware was downloaded to the machine through Powershell and did a partial file system encryption.
    ********
    Splunk Training Playlist
    • Investigating Cerber R...
    ******
    Receive Cyber Security Field Notes and Special Training Videos
    / @motasemhamdan
    *******
    Writeup
    motasem-notes.net/ransomware-...
    ********
    Instagram
    / dev.stuxnet
    Twitter
    / manmotasem
    Facebook
    / motasemhamdantty
    LinkedIn
    [1]: / motasem-hamdan-7673289b
    [2]: / motasem-eldad-ha-bb424...
    Website
    www.motasem-notes.net
    Patreon
    www.patreon.com/motasemhamdan...
    Backup channel
    / @hacknotesbackup
    My Movie channel:
    / @motasemhamdanhacknotes
    ******

Комментарии • 14

  • @uzoukwuericiyke9120
    @uzoukwuericiyke9120 5 месяцев назад

    Wonderful video.
    Really helpful. Thanks 🙏🏽

  • @Ricknroll9
    @Ricknroll9 10 месяцев назад

    Thanks! I was stuck at the end

  • @octaviouswilliams1091
    @octaviouswilliams1091 Год назад

    Amazing video!
    Thank you for giving us detailed insight into your methodology and thought process for this investigation.
    I have learned so much from this one video!

  • @adonistarcio
    @adonistarcio Год назад

    Great video dude. I like how you teach. Keep it up!

  • @shivaas6122
    @shivaas6122 Год назад

    Man loved it❤

  • @Cybernetblog
    @Cybernetblog Год назад +2

    Thanks that was great. One question. Instead of having to upload log files to splunk for analysis. Can I connect my devices to splunk directly. Secondly can splunk analyze snort log files? I’ve always seen suricata IDS log files in most demo…. Thirdly can you do a video on Microsoft sentinel. Thanks

    • @rafaelbelahssen2514
      @rafaelbelahssen2514 Год назад +1

      yes, you can forward your logs using Splunk Universal Forwarder

  • @adonistarcio
    @adonistarcio Год назад +2

    By the way, the way I could be sure it was script.ps1 was by checking the hashes of all script files which shows them all are distributed by Microsoft, except script.ps1 which also shows as malicious

    • @MotasemHamdan
      @MotasemHamdan  Год назад +3

      Definitely right it slipped off my mind.

  • @johnvardy9559
    @johnvardy9559 3 месяца назад

    how i become soc analyst hero?

  • @bczx9071
    @bczx9071 Год назад

    First bro

Следующие
Автовоспроизведение
Investigate an Infected Machine with Splunk | TryHackMe Benign22:07Investigate an Infected Machine with Splunk | TryHackMe Benign
Investigate an Infected Machine with Splunk | TryHackMe BenignMotasem Hamdan
Просмотров 7 тыс.
Investigating A Ransomware Attack in Splunk : Tryhackme PS Eclipse Walkthrough19:25Investigating A Ransomware Attack in Splunk : Tryhackme PS Eclipse Walkthrough
Investigating A Ransomware Attack in Splunk : Tryhackme PS Eclipse WalkthroughI.T Security Labs
Просмотров 472
Windows Endpoint Investigation with Splunk | TryHackMe New Hire Old Artifacts24:36Windows Endpoint Investigation with Splunk | TryHackMe New Hire Old Artifacts
Windows Endpoint Investigation with Splunk | TryHackMe New Hire Old ArtifactsMotasem Hamdan
Просмотров 2,5 тыс.
DOORS: FLOOR 2 FULL TRAILER01:03DOORS: FLOOR 2 FULL TRAILER
DOORS: FLOOR 2 FULL TRAILERLSPLASH
Просмотров 2,1 млн
SUMMER PART 2 OUT! *ALL Codes!* Mermaid QUEST GUIDE, 24 ITEM Showcase! | ROBLOX Dress To Impress11:50SUMMER PART 2 OUT! *ALL Codes!* Mermaid QUEST GUIDE, 24 ITEM Showcase! | ROBLOX Dress To Impress
SUMMER PART 2 OUT! *ALL Codes!* Mermaid QUEST GUIDE, 24 ITEM Showcase! | ROBLOX Dress To Impresscallmehhaley
Просмотров 368 тыс.
FEEDING STARVING INFLUENCERS FT. THE STURNIOLO TRIPLETS53:00FEEDING STARVING INFLUENCERS FT. THE STURNIOLO TRIPLETS
FEEDING STARVING INFLUENCERS FT. THE STURNIOLO TRIPLETSQuenlin Blackwell
Просмотров 789 тыс.
David Beckham Beach Kicks DEBUNK17:20David Beckham Beach Kicks DEBUNK
David Beckham Beach Kicks DEBUNKCaptain Disillusion
Просмотров 833 тыс.
Investigating Infected Windows with Volatility Framework | TryHackMe | Memory Forensics27:36Investigating Infected Windows with Volatility Framework | TryHackMe | Memory Forensics
Investigating Infected Windows with Volatility Framework | TryHackMe | Memory ForensicsMotasem Hamdan
Просмотров 8 тыс.
Strange File in Downloads Folder? Gootloader Malware Analysis30:20Strange File in Downloads Folder? Gootloader Malware Analysis
Strange File in Downloads Folder? Gootloader Malware AnalysisJohn Hammond
Просмотров 699 тыс.
Ransomware Investigation: The Complete Demo37:17Ransomware Investigation: The Complete Demo
Ransomware Investigation: The Complete DemoTechstrong TV
Просмотров 769
Splunk Ransomware Investigation Part 1 -1:36:52Splunk Ransomware Investigation Part 1 -
Splunk Ransomware Investigation Part 1 -eLearnInfoSec
Просмотров 970
Cyber Incident Response with Splunk | TryHackMe Incident Handling with Splunk44:44Cyber Incident Response with Splunk | TryHackMe Incident Handling with Splunk
Cyber Incident Response with Splunk | TryHackMe Incident Handling with SplunkMotasem Hamdan
Просмотров 24 тыс.
Detecting Log4j Exploit with Snort | TryHackMe Snort Challenge28:53Detecting Log4j Exploit with Snort | TryHackMe Snort Challenge
Detecting Log4j Exploit with Snort | TryHackMe Snort ChallengeMotasem Hamdan
Просмотров 7 тыс.
Why The Windows Phone Failed24:08Why The Windows Phone Failed
Why The Windows Phone FailedApple Explained
Просмотров 167 тыс.
Investigating FTP with Splunk | TryHackMe Boss of the SOC v221:30Investigating FTP with Splunk | TryHackMe Boss of the SOC v2
Investigating FTP with Splunk | TryHackMe Boss of the SOC v2Motasem Hamdan
Просмотров 9 тыс.
Data Exfiltration Techniques | DNS Exfiltration | TryHackMe20:12Data Exfiltration Techniques | DNS Exfiltration | TryHackMe
Data Exfiltration Techniques | DNS Exfiltration | TryHackMeMotasem Hamdan
Просмотров 11 тыс.
Викторина от ПАПЫ 🆘 | WICSUR #shorts00:56Викторина от ПАПЫ 🆘 | WICSUR #shorts
Викторина от ПАПЫ 🆘 | WICSUR #shortsБискас
Просмотров 1,2 млн
Help Barry And Barry Woman Scan Prisoners00:23Help Barry And Barry Woman Scan Prisoners
Help Barry And Barry Woman Scan PrisonersGarri Creative
Просмотров 2,8 млн
Идеальный рецепт маринованных огурцов00:57Идеальный рецепт маринованных огурцов
Идеальный рецепт маринованных огурцовElesha_povar
Просмотров 287 тыс.
Schoolboy - Часть 200:12Schoolboy - Часть 2
Schoolboy - Часть 2⚡️КАН АНДРЕЙ⚡️
Просмотров 3,1 млн
Редакция. News: 128-я неделя57:38Редакция. News: 128-я неделя
Редакция. News: 128-я неделяРедакция
Просмотров 1,2 млн
кажется, началось00:45кажется, началось
кажется, началосьDragon Docx
Просмотров 1,6 млн
"Хезболла" запустила ракеты по позициям армии Израиля возле Ливана #shorts #short #новости00:33"Хезболла" запустила ракеты по позициям армии Израиля возле Ливана #shorts #short #новости
"Хезболла" запустила ракеты по позициям армии Израиля возле Ливана #shorts #short #новостиТелеканал ОНТ
Просмотров 410 тыс.
РЕАЛИТИ - 5 СЕРИЯ. ШЕЙХ VS ТОРНИКЕ. СТЫЧКА: ЗОРАН - АНИМЕШНИК. БОИ 1/8. НАКАЗАНИЕ СИНИХ. ФУТБОЛ1:27:23РЕАЛИТИ - 5 СЕРИЯ. ШЕЙХ VS ТОРНИКЕ. СТЫЧКА: ЗОРАН - АНИМЕШНИК. БОИ 1/8. НАКАЗАНИЕ СИНИХ. ФУТБОЛ
РЕАЛИТИ - 5 СЕРИЯ. ШЕЙХ VS ТОРНИКЕ. СТЫЧКА: ЗОРАН - АНИМЕШНИК. БОИ 1/8. НАКАЗАНИЕ СИНИХ. ФУТБОЛHardcore Fighting Reality Show
Просмотров 245 тыс.