BRabbit

BRabbit is a blue team lab in the Threat Intel category. It covers the following subjects: Email Header Analyzer, Malpedia, ANY.RUN, VirusTotal, MalwareURL, Execution, Persistence, Privilege Escalation, Command and Control, Impact.

Learning Objectives

Reconstruct a Bad Rabbit ransomware attack chain by analyzing phishing, persistence, and MBR modification using dynamic analysis and MITRE ATT&CK.

Categories: Threat Intel.

MITRE ATT&CK Tactics: Execution, Persistence, Privilege Escalation, Command and Control, Impact.

Tools: Malpedia, VirusTotal, ANY.RUN, Email Header Analyzer, MalwareURL.

Difficulty: medium.