Advent of Cyber 2022 [Day 7]-Cyber Chef Maldocs roasting on an open fire Writeup by Karthikeyan Nagaraj

Advent of Cyber 4 2022 [Day 7] Cyber Chef Maldocs roasting on an open fire — task 12 Answers

Karthikeyan Nagaraj
InfoSec Write-ups


Let’s transfer the files from the TryHackMe machine to our machine for better investigation!

Sender: TryHackMe machine (make sure you are connected to the TryHackMe machine)
Receiver: my machine

1. What is the version of CyberChef found in the attached VM?

Open Downloads on the attack machine (TryHackMe machine) and check the title.

Ans: 9.49.0

2. How many recipes were used to extract URLs from the malicious doc?

Recipes — Let’s Cook the Code

Ans: 10

3. We found a URL that was downloading a suspicious file; what is the name of that malware?

Ans: mysterygift.exe

4. What is the last defanged URL of the bandityeti domain found in the last step?

Ans: hxxps[://]cdn[.]bandityeti[.]THM/files/index/

5. What is the ticket found in one of the domains? (Format: Domain/<GOLDEN_FLAG>)

Ans: THM_MYSTERY_FLAG

Thank you for reading!!

Happy Hacking ~

Author : Karthikeyan Nagaraj ~ Cyberw1ng
