1 1

Qbot Leads to Domain Compromise - Private Case #27101

Qbot Leads to Domain Compromise - Private Case #27101

Difficulty: Medium Medium

$22.99 USD
$22.99 USD
Sale Sold out
Access Limit
SIEM
Usage

This case is based on a Private Threat Brief. You'll get to investigate a domain-wide compromise involving a multi-day intrusion that started with a Qbot infection.

To read more about DFIR Labs click here.

You will receive an email within 5 minutes of purchase with instructions on how to activate the lab. Buy now, use anytime within the next 3 months. Enjoy!

Disclaimer

All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.

The difficulty of each DFIR Lab case is inherently subjective and may vary based on the participant’s individual skills and experience.

View full details

Customer Reviews

Based on 2 reviews
100%
(2)
0%
(0)
0%
(0)
0%
(0)
0%
(0)
C
Chicken0248
Very great lab combining each log source to determine full compromise of the domain!

This case is very great for someone who want to prepare for HTB CDSA exam! It's impossible to start the hunt from Initial Access to Impact phase without corelated various event ID and log sources, all hints provide on this case were very helpful and could be use in the actual case as well. definitely recommended!

K
Kyle Emig
Solid Lab

Great lab! Great hands on experience that takes you through the whole attack chain.