🥷TryHackMe
Web Hacking Fundamentals
- OWASP Top10
Jr Penetration Tester
- Introduction to Cyber Security
Red Teaming
- Red Team Fundamentals
EXTRA
- Advent of Cyber 2022

Powered by GitBook

On this page

What is the version of CyberChef found in the attached VM?
How many recipes were used to extract URLs from the malicious doc?
We found a URL that was downloading a suspicious file; what is the name of that malware?
What is the last defanged URL of the bandityeti domain found in the last step?
What is the ticket found in one of the domains? (Format: Domain/<GOLDEN_FLAG>)

EXTRA

Advent of Cyber 2022

Day 7

PreviousDay 6 NextDay 8

Last updated 2 years ago

What is the version of CyberChef found in the attached VM?

9.49.0

How many recipes were used to extract URLs from the malicious doc?

strings
Find / Replace
Drop bytes
From base64
Decode text
Find/Replace (to remove patterns)
Find/Replace
Extract URLs
Split
Defang URL

10

We found a URL that was downloading a suspicious file; what is the name of that malware?

Last step will solve the next 3 questions

mysterygift.exe

What is the last defanged URL of the bandityeti domain found in the last step?

hxxps[://]cdn[.]bandityeti[.]THM/files/index/

What is the ticket found in one of the domains? (Format: Domain/<GOLDEN_FLAG>)

THM_MYSTERY_FLAG