T3CH

Snoop & Learn about Technology, AI, Hacking, Coding, Software, News, Tools, Leaks, Bug Bounty…


TryHackMe | Threat Hunting With YARA | WriteUp

Axoloth
Published in T3CH
2 min read, Nov 14, 2024


Find the room here: https://tryhackme.com/r/room/threathuntingwithyara

Task 1 Introduction

Are you ready to hunt for malware?

No answer needed

Task 2 Scenario Description

What technique does ID T1134 describe?

Access Token Manipulation

What does the detection rule M_APT_Dropper_Rootsaw_Obfuscated detect?

Detects obfuscated ROOTSAW payloads

Task 3 Opportunities for Threat Hunting

Which threat hunting style is proactive and uses indicators of attack and TTPs?

Structured hunting

In which phase of the threat hunting process are tools like YARA or Volatility used?

Investigation
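As an added illustration of what a YARA rule looks like when it is run during the investigation phase (this is example code written for this writeup, not the room's material and not the body of the Mandiant rule M_APT_Dropper_Rootsaw_Obfuscated; the rule name, strings and byte pattern below are made-up placeholders):

```yara
rule Example_Obfuscated_Dropper_Skeleton
{
    meta:
        description = "Hypothetical example rule: flags a small PE that embeds launcher and encoded-payload markers"
        author      = "added example for this writeup, not from TryHackMe or Mandiant"

    strings:
        // Plain-text and UTF-16LE forms of a launcher string often seen in script droppers;
        // 'nocase' covers mixed-case evasion such as PoWeRsHeLl
        $launch1 = "powershell -enc" ascii wide nocase
        $launch2 = "FromBase64String" ascii wide

        // Hex pattern with wildcards: a near CALL with an unknown 4-byte target,
        // followed by an ADD ESP,4 (placeholder stub, not a real malware signature)
        $stub = { E8 ?? ?? ?? ?? 83 C4 04 }

        // Regex for a long base64 blob, typical of an embedded, encoded payload
        $b64 = /[A-Za-z0-9+\/]{200,}={0,2}/ ascii

    condition:
        uint16(0) == 0x5A4D          // "MZ" header: only consider PE files
        and filesize < 2MB           // droppers are usually small; skips large benign binaries
        and 1 of ($launch*)          // at least one launcher marker
        and ($b64 or $stub)          // plus either the encoded blob or the code stub
}
```

Save the rule as example.yar and scan a directory with `yara -r -s example.yar /path/to/samples`: `-r` recurses into subdirectories and `-s` prints the offset and content of every matched string, which is what you want when triaging a hit rather than just seeing the rule name. The `uint16(0)` and `filesize` checks come first in the condition so that YARA can discard most files cheaply before evaluating the string matches.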

You have received a threat intelligence report consisting only of Indicators of Compromise. What threat hunting style do you recommend to use?


Written by Axoloth

Cybersecurity & Artificial Intelligence
