Qbot Leads to Domain Compromise - Private Case #27101

Difficulty: Medium

Regular price $22.99 USD

This case is based on a Private Threat Brief. You'll get to investigate a domain-wide compromise involving a multi-day intrusion that started with a Qbot infection.

Important: Choose the Correct License Type

Personal License

For individuals paying out of their own pocket for personal skill development only.

  • Self-funded learning
  • Personal skill improvement
  • No organizational benefit

Enterprise License

Required if any organization benefits from your use, including:

  • Company-sponsored training
  • Skills used for work purposes
  • Educational institutions
  • Team learning activities

Important: If your employer is paying for this lab OR if the skills learned will benefit your employer/organization in any way, you must purchase an Enterprise license. This applies even if you're paying personally but using the skills for work.

You will receive an email within 5 minutes of purchase with instructions on how to activate the lab. Buy now, use anytime within the next 3 months. Enjoy!

Disclaimer

All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.

The difficulty of each DFIR Lab case is inherently subjective and may vary based on the participant's individual skills and experience.

Customer Reviews

Based on 2 reviews
Chicken0248
Very great lab combining each log source to determine full compromise of the domain!

This case is very great for someone who wants to prepare for the HTB CDSA exam! It's impossible to start the hunt from the Initial Access to the Impact phase without correlating various event IDs and log sources. All hints provided in this case were very helpful and could be used in an actual case as well. Definitely recommended!

Kyle Emig
Solid Lab

Great lab! Great hands-on experience that takes you through the whole attack chain.