TryHackMe SigHunter WriteUp
Initial Information 1. 1st week of work, ransomware incident concluded 1. Threat mitigated successfully by Incident Responders Attack Chain 1. Execution of malicious HTML Application (HTA) payload from a phishing link. 2. Execution of Certutil tool to download Netcat binary. 3. Netcat execution to establish a reverse shell. 4. Enumeration