Drops a secondary payload and communicates with an external Command & Control (C2) server.
The file masquerades as a standard video file ( .mp4 ) to evade casual observation. However, upon execution in the sandbox environment, it exhibits classic malware behavior by attempting to establish persistence and calling home to a suspicious IP address. septMeetii1mp4
Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238 . Drops a secondary payload and communicates with an
It sounds like you're working through the (part of the SOC Level 1 path). In this challenge, septMeetii1.mp4 is a malicious file used by an adversary. upon execution in the sandbox environment