all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Help understanding a small evtx file with 8 events.

Add to bookmarks
April 10, 2022, 9:39 a.m. | /u/HeliosHype

Computer Forensics www.reddit.com

Hi community, I'm going through the EVTX ATTACK SAMPLES github repo, and I chose a random one from the Lateral Movement category. I opened the file which includes 8 events, and I can't really understand why this file would be considered suspicious (Link is below). Is this because the calc.exe? or it looks like pass the hash attempts? (logon type 3/key length 0).

​

If there is a resource that maybe explains the EVTX files in the repo - that …

computerforensics events evtx

Visit resource

More from www.reddit.com / Computer Forensics

Yara Rule Set 2 days, 11 hours ago | www.reddit.com
amy computerforensics github good +4
Artifact that proves webhistory has been deleted (mobile) 3 days, 5 hours ago | www.reddit.com
artifact browsing cellebrite computerforensics +5
general purpose livecd for forensics 5 days, 6 hours ago | www.reddit.com
advice computerforensics date don +15
Lumma Stealer Malware Analysis 5 days, 7 hours ago | www.reddit.com
analysis computerforensics lumma stealer malware +2
Transition from private sector back to LE 6 days ago | www.reddit.com
analyst back boss computerforensics +12
Call for BETA testers! 1 week ago | www.reddit.com
amp artifact att beta +23
What's the best practice for determining if removing a storage device will make getting decrypted … 1 week, 1 day ago | www.reddit.com
access best practice blocker computer +10
(Interview preparation)How axiom is used for investigating child pornogrpahy? 1 week, 1 day ago | www.reddit.com
aware axiom career career progression +14
Digital Forensics Conference: BelkaDay 2024 1 week, 1 day ago | www.reddit.com
community computerforensics conference dfir +12

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Brand Experience and Development Associate (Libby's Pumpkin)

@ Nestlé | Arlington, VA, US, 22209
View on infosec-jobs.com

Cybersecurity Analyst

@ L&T Technology Services | Milpitas, CA, US
View on infosec-jobs.com

Information Security Analyst

@ Fortinet | Burnaby, BC, Canada
View on infosec-jobs.com