To give you a "solid report," here is the forensic breakdown of that file based on the PicoSecure sandbox analysis within the simulation. Category Details File Name septMeetii1.mp4 MD5 Hash e1d5f9920d3674697920409a8ec3f898 Status Malicious Behavior
To progress in the task and climb the "Pyramid of Pain," you should take the following actions in the simulation:
It sounds like you're working through the (part of the SOC Level 1 path). In this challenge, septMeetii1.mp4 is a malicious file used by an adversary. septMeetii1mp4
The primary indicator of compromise (IoC) is the MD5 hash e1d5f9920d3674697920409a8ec3f898 . This is what you need to block in the "Hashes" section of the PicoSecure dashboard.
The malware attempts to connect to the IP 104.28.18.238 . 3. Recommended Mitigation (The "Summit" Challenge Steps) To give you a "solid report," here is
Go to the Manage Hashes tab and add e1d5f9920d3674697920409a8ec3f898 to the blocklist.
Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238 . The primary indicator of compromise (IoC) is the
Drops a secondary payload and communicates with an external Command & Control (C2) server.