This repository contains a detailed incident response report analyzing a sophisticated malvertising campaign. The attack leveraged Bing Search ads to redirect users to a fake Microsoft Teams download page, leading to a multi-stage infection chain with PowerShell scripts and a trojanized TeamViewer for persistence.

- Incident_Response_Report.md – The complete incident response report.
- Indicators of Compromise (IOCs) – Including malicious domains, IPs, and file hashes.
- Attack Chain Analysis – Detailed breakdown of the infection vector and persistence mechanisms.
- Impact Analysis and Mitigation Recommendations – Assessment of affected systems, potential damage, and strategic recommendations.

The primary objectives of this analysis are to:

- Investigate the complete attack chain, from initial access to persistence.
- Document Indicators of Compromise (IOCs) for threat hunting and defense.
- Provide actionable mitigation steps and strategic prevention recommendations.

Abinesh S

abineshsri72@gmail.com