Intro to ISAC
-
Read the above and move on to 'What are ISACs'.
No Answer
-
Read the above and familiarize yourself with the various terminology.
No Answer
-
Read the above and move on to 'What are IOCs?'.
No Answer
-
Read the above and create a custom dashboard.
No Answer
-
Read the above and familiarize yourself with the OTX UI.
No Answer
-
Read the above and familiarize yourself with the OTX ISAC.
No Answer
-
Read the above and practice using the Cerber ransomware sample.
No Answer
Scenario 1
Your incident response team has quarantined a suspicious bin file. The team thinks it is a ransomware variation. Investigate and create indicators for the file.
You can find the shellcode under C:\Users\Jon\Documents\Scenarios\Scenario 1
Scenario 2
You have been assigned to analyze this week's quarantined files. The file is thought to be an unknown trojan or a new strain of the Emotet malware. Investigate and create indicators for the file.
You can find the shellcode under C:\Users\Jon\Documents\Scenarios\Scenario 2
-
Read the above and complete the investigations.
No Answer
-
What is the name of the file from Scenario 1?
Answer : 29D6161522C7F7F21B35401907C702BDDB05ED47.bin
-
What is the size of the file from Scenario 1 in bytes?
Answer : 96,535
-
What is the size on disk of the file from Scenario 1 in bytes?
Answer : 98,304
-
What is the MD5 hash of the file from Scenario 1?
Answer : 8baa9b809b591a11af423824f4d9726a
-
What is the name of the file from Scenario 2?
Answer : cryptowall.bin
-
What is the size of the file from Scenario 2 in bytes?
Answer : 246,272
-
What is the size on disk of the file from Scenario 2 in bytes?
Answer : 249,856
-
What is the MD5 hash of the file from Scenario 2?
Answer : 47363b94cee907e2b8926c1be61150c7
-
Create IOCs for both files using IOCe.
No Answer