Threat Intelligence | May 21, 2026

🎉 New DFIR Lab is live: ClickFix → RomComRAT → Domain Compromise (Private Case #35646) Step int...

New DFIR lab simulates a 9-day espionage operation involving ClickFix, RomComRAT, and domain compromise.

Summary

A new DFIR lab simulates a nine-day espionage operation. The scenario begins with a user falling for a fake CAPTCHA, leading to the deployment of custom RomComRAT implants and ultimately a domain compromise.

Indicators of Compromise

  • malware — RomComRAT

Entities

ClickFix (campaign)