Theme Overview
8 February 2022
We're releasing the fifth release of our Conti ransomware theme with new TTPs focused on data collection and exfiltration. To date, our Conti theme now contains the following kill-chains:
Data collection and exfiltration (Current Release)
Deploy ransomware
Data Collection and Exfiltration
This chain performs collection and exfiltration. First we enumerate the users home directory then attempt to dump hashes via Kerberoasting and AS-REProasting. Once we have target data, the ingress and configure Rclone to work with an ephemeral Mega account then automatically exfiltrate to a Data folder in Mega. Check it out on the Prelude chains website.
Watch a demonstration:
We have 1 more week to go in our Conti theme providing you with an entire Conti adversary attack from beginning to end.
Staying up to date
Thanks for reading our latest TTP Tuesday release! Please subscribe and reach out with any feedback. We love to hear from our community!
There are several ways to follow us and learn more about Prelude and our team members:
Get our products
Download Prelude Operator: https://www.prelude.org/download
See the latest kill chain and TTP Releases: https://chains.prelude.org/
See our open-source repositories: https://github.com/preludeorg
Join our community
Discord: https://discord.gg/gzUv4XNquu
Reddit: https://www.reddit.com/r/preludeorg/
Twitter: https://twitter.com/preludeorg
Read, watch, and listen
Listen to our Podcast: https://anchor.fm/preludeorg
Read our blog: https://feed.prelude.org
Watch our live streams: https://www.twitch.tv/preludeorg
Watch our pre-recorded content: https://www.youtube.com/channel/UCZyx-PDZ_k7Vuzyqr4-qK9A
Follow our team
David: https://twitter.com/privateducky
Alex: https://twitter.com/khyberspache
Kris: https://twitter.com/Xanthonus
Octavia: https://twitter.com/VV_X_7
Sam: https://twitter.com/wasupwithuman