Webinars / Webinars / A Call from the Museum: A Phishing Analysis Walkthrough
A Call from the Museum: A Phishing Analysis Walkthrough
Join experts from Hack The Box for a technical walkthrough of a phishing analysis challenge based on the Advent of the Relics defensive series.
Presented by Hack The Box
Overview
Phishing remains the number one attack vector for corporate networks. When a targeted lure slips past automated email gateway filters, security analysts must be able to quickly analyze the email components, spot spoofing techniques, and determine the exact threat vector.
In this webinar, Hack The Box experts will dive straight into A Call from the Museum, a dedicated phishing analysis Sherlock. This session will include a live showcase of the Hack The Box platform, giving you a firsthand look at exactly how investigating and solving a Sherlock - a defensive challenge - unfolds in real time. Using a realistic corporate scenario, where an employee at CALE Corp opens an unexpected email from a spoofed logistics office, we will break down the email step-by-step to reveal the underlying indicators of compromise.
Key Takeaways:
- Email Header Analysis: Dissecting raw .eml source code to verify sender authenticity, trace mail routing, and spot spoofing indicators.
- Attachment Triage: Analyzing password-protected archives used by attackers to evade automated email sandbox detection.
- Initial Execution Analysis: Reviewing how weaponized shortcut files and baseline script components are leveraged right after a user clicks.
- Basic PowerShell Deobfuscation: Uncovering a script’s real behavior by reversing techniques like Base64 encoding, string manipulation, and commands piped directly into execution.
