HxD Hex Editor.exe
Strings Extractor.exe
Process Monitor.exe
Registry Editor.exe
Wireshark.exe
EXE dosyasını buraya sürükleyin
veya dosyayı seçin
EXE dosyasını buraya sürükleyin
veya dosyayı seçin
Process Monitor - Activity Log:
[2024-01-15 10:00:00] Process Create: suspicious.exe (PID: 1234)[2024-01-15 10:00:02] Process Create: cmd.exe (PID: 5678)
[2024-01-15 10:00:05] Network: TCP Connect to 93.184.216.34:443
✓ Flag found: SEBS{behaviour-detected-2024}
Registry Modifications:
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run→ suspicious.exe
→ Entry: "flag" = "SEBS{registry-mod-2024}"
✓ Flag found: SEBS{registry-mod-2024}
Network Connections:
TCP: 192.168.1.105 → 93.184.216.34:443POST /upload HTTP/1.1
✓ Flag found: SEBS{network-flag-2024}