T1059-007 is a blue team lab that falls under the Malware Analysis category and will cover the following subjects: CyberChef, Notepad++, ProcMon, Process Hacker, AutoRuns, diff, PowerShell transcripts, Execution.
Learning Objectives
Analyze malware file system activity with ProcMon, identify scheduled task persistence using AutoRuns, and configure PowerShell logging for script execution.
Categories: Malware Analysis.
MITRE ATT&CK Tactics: Execution.
Tools: Notepad++, CyberChef, ProcMon, AutoRuns, Process Hacker, diff, PowerShell transcripts.
Difficulty: hard.