{"width":"100%","published":"2022-01-22 20:00:00","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/Z/Zarat/20220121/20220121203139.png","provider_url":"https://hatena.blog","author_name":"Zarat","author_url":"https://blog.hatena.ne.jp/Zarat/","url":"https://zarat.hatenablog.com/entry/2022/01/22/200000","blog_url":"https://zarat.hatenablog.com/","provider_name":"Hatena Blog","version":"1.0","description":"Details playbook Define Threat Indicator Check if the malware is quarantined/cleaned LogManagement 359 360 EndpointManagement Analyze Malware phpshell.php 49.234.71.65 Check If Someone Requested the C2 358 361 362 363 364 Containment Add Artifacts End Details EventID: 62 Event Time: Feb. 22, 2021, 4\u2026","blog_title":"4ensiX","height":"190","categories":["LetsDefend","Malware"],"type":"rich","title":"LetsDefend level 1 alert SOC128 - Malicious File Upload Attempt event-id 62","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fzarat.hatenablog.com%2Fentry%2F2022%2F01%2F22%2F200000\" title=\"LetsDefend level 1 alert SOC128 - Malicious File Upload Attempt event-id 62 - 4ensiX\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>"}