Phobos

Phobos is a blue team lab in the Malware Analysis category. It covers the tools IDA, Ghidra, x32dbg, HxD, CFF Explorer, PEStudio and PEiD, and the tactics Initial Access, Execution, Persistence, Defense Evasion, Discovery, Collection, Command and Control, Exfiltration and Impact.

Learning Objectives

Analyze the Phobos ransomware executable to identify its core behavior, encryption methods, and extract actionable indicators of compromise (IOCs).

Categories: Malware Analysis.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Defense Evasion, Discovery, Collection, Command and Control, Exfiltration, Impact.

Tools: x32dbg, HxD, IDA, Ghidra, CFF Explorer, PEStudio, PEiD.

Difficulty: insane.