The primary indicator of compromise (IoC) is the MD5 hash e1d5f9920d3674697920409a8ec3f898 . This is what you need to block in the "Hashes" section of the PicoSecure dashboard.
The malware attempts to connect to the IP 104.28.18.238 . 3. Recommended Mitigation (The "Summit" Challenge Steps) septMeetii1mp4
Go to the Manage Hashes tab and add e1d5f9920d3674697920409a8ec3f898 to the blocklist. The primary indicator of compromise (IoC) is the
The file masquerades as a standard video file ( .mp4 ) to evade casual observation. However, upon execution in the sandbox environment, it exhibits classic malware behavior by attempting to establish persistence and calling home to a suspicious IP address. However, upon execution in the sandbox environment, it
Go to the Network Perimeter or Firewall tab and block traffic to 104.28.18.238 .
Drops a secondary payload and communicates with an external Command & Control (C2) server.