Initial Enumeration sudo nmap -sC -sV -vv --top-ports=5000 $TARGETIP -oN nmapout PORT STATE SERVICE REASON VERSION 21/tcp open ftp syn-ack ttl 127 Microsoft ftpd | ftp-anon: Anony...

Initial Enumeration Let’s start with our standard nmap scan sudo nmap -sC -sV -vv --top-ports=5000 $TARGETIP -oN nmapout Open Ports nmapout:53/tcp open domain syn-ack ttl 127 Simple DNS...

Initial Enumeration Let’s start with our standard nmap scan sudo nmap -sC -sV -vv --top-ports=5000 $TARGETIP -oN nmapout Open Ports 53/tcp open domain syn-ack ttl 127 Microsoft DNS 6.1...

Intro Received an email from no-reply@je-suis-licencie.info, with a basic invoice phishing content in German. Initial Infection This malware came disguised as a zip folder. Rechnung_BTKR24_0008703...

Intro This malware came from a spam email received from: no-reply@clarinetthai.com The email was written in German, however the code is using a Russian IP Initial Infection This malware came disg...