Conti Ransomware
➡️Initial Access: IcedID
➡️Discovery: net, ipconfig, systeminfo, nltest, whoami, query, dir, dsquery
➡️Lateral Movement: PsExec, SMB, RDP
➡️C2: #CobaltStrike and IcedID
➡️Defense Evasion: Modify GPO, stop/uninstall security tools
1/6