THM Room https://tryhackme.com/room/introtoisac
TASK 1 : Introduction
Read the above and move on to ‘What are ISACs’.
No Answer
TASK 2 : Basic Terminology
Read the above and familiarize yourself with the various terminology.
No Answer
TASK 3 : What is Threat Intelligence
Read the above and move on to ‘What are ISACs’.
No Answer
TASK 4 : What are ISACs
Read the above and move on to What are IOCs?
No Answer
TASK 5 : Using Threat Connect to create a Threat Intel dashboard
Read the above and create a custom dashboard.
No Answer
TASK 6 : Introduction to AlienVault OTX
Read the above and familiarize yourself with the OTX UI.
No Answer
TASK 7 : Using OTX to gather Threat Intelligence
Read the above and familiarize yourself with the OTX ISAC.
No Answer
TASK 8 : Creating IOCs
Read the above and practice using the Cerber ransomware sample.
No Answer
TASK 9 : Investigation Scenarios
Scenario 1: Your incident response team has quarantined a suspicious bin file. The team thinks it is a ransomware variation. Investigate and create indicators for the file.
You can find the shellcode under C:\Users\Jon\Documents\Scenarios\Scenario 1
Scenario 2: You have been assigned to analyze this week’s quarantined files. The file is thought to be an unknown trojan or a new strain of the Emotet malware. Investigate and create indicators for the file.
You can find the shellcode under C:\Users\Jon\Documents\Scenarios\Scenario 2
Read the above and complete the investigations.
No Answer
What is the name of the file from Scenario 1?
Answer : 29D6161522C7F7F21B35401907C702BDDB05ED47.bin
What is the size of the file from Scenario 1 in bytes?
Answer : 96,535
What is the size on disk of the file from Scenario 1 in bytes?
Answer : 98,304
What is the MD5 hash of the file from Scenario 1?
Answer : 8baa9b809b591a11af423824f4d9726a
What is the name of the file from Scenario 2?
Answer : cryptowall.bin
What is the size of the file from Scenario 2 in bytes?
Answer : 246,272
What is the size on disk of the file from Scenario 2 in bytes?
Answer : 249,856
What is the MD5 hash of the file from Scenario 2?
Answer : 47363b94cee907e2b8926c1be61150c7
Create IOCs for both files using IOCe.
No Answer