Go to the Manage Hashes tab and add e1d5f9920d3674697920409a8ec3f898 to the blocklist.
The malware attempts to connect to the IP 104.28.18.238 . 3. Recommended Mitigation (The "Summit" Challenge Steps)
The file masquerades as a standard video file ( .mp4 ) to evade casual observation. However, upon execution in the sandbox environment, it exhibits classic malware behavior by attempting to establish persistence and calling home to a suspicious IP address. septMeetii1mp4
It sounds like you're working through the (part of the SOC Level 1 path). In this challenge, septMeetii1.mp4 is a malicious file used by an adversary.
To progress in the task and climb the "Pyramid of Pain," you should take the following actions in the simulation: Go to the Manage Hashes tab and add
The primary indicator of compromise (IoC) is the MD5 hash e1d5f9920d3674697920409a8ec3f898 . This is what you need to block in the "Hashes" section of the PicoSecure dashboard.
Drops a secondary payload and communicates with an external Command & Control (C2) server. In this challenge, septMeetii1
Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238 .