GrabThePhisher Blue Team Challenge

Category : Threat Intel

4.4

Easy

Which wallet is used for asking the seed phrase?

Weight : 50 | Solved : 1936

What is the file name that has the code for the phishing kit?

Weight : 50 | Solved : 1849

In which language was the kit written?

Weight : 50 | Solved : 1880

What service does the kit use to retrieve the victim's machine information?

Weight : 100 | Solved : 1656

How many seed phrases were already collected?

Weight : 100 | Solved : 1756

Write down the seed phrase of the most recent phishing incident?

Weight : 150 | Solved : 1719

Which medium had been used for credential dumping?

Weight : 150 | Solved : 1681

What is the token for the channel?

Weight : 250 | Solved : 1720

What is the chat ID of the phisher's channel?

Weight : 250 | Solved : 1723

Q10

What are the allies of the phish kit developer?

Weight : 300 | Solved : 1712

Q11

What is the full name of the Phish Actor?

Weight : 300 | Solved : 1580

Q12

What is the username of the Phish Actor?

Weight : 300 | Solved : 1576

Instructions:

Uncompress the challenge (pass: cyberdefenders.org)

Scenario:

An attacker compromised a server and impersonated https://pancakeswap.finance/, a decentralized exchange native to BNB Chain, to host a phishing kit at https://apankewk.soup.xyz/mainpage.php. The attacker set it as an open directory with the file name "pankewk.zip".

Provided the phishing kit, you as a soc analyst are requested to analyze it and do your threat intel homework.