2: Triage to Investigations - Well That's New
Description: From our previous triage efforts, we should recognize that the machine “NZ6J-LAPTOP” was not seen in our initial investigation; therefore, we should dig into how “infector.exe” ended up on it! Let's pivot back into the machine’s FileCreationEvents data to see if we can determine how the malicious binary was delivered.

Key: Set time scope to 09/01/2019 -> 01/01/2022

//Query 3//
Let's pivot back into the machine (NZ6J-LAPTOP) to see if there are any interesting files

tag=envolvelabs2-F