✅ 📩The Greenholt Phish | analyze a malicious phishing email | TryHackMe SOC Level 1 | SAL1 📬

📩 Use the knowledge attained to analyze a malicious email.

📬 A Sales Executive at Greenholt PLC received an email that he didn't expect to receive from a customer. He claims that the customer never uses generic greetings such as "Good day" and didn't expect any amount of money to be transferred to his account. The email also contains an attachment that he never requested. He forwarded the email to the SOC (Security Operations Center) department for further investigation.

📬 Investigate the email sample to determine if it is legitimate.

📬 Questions in this room: 📬

✅ What is the Transfer Reference Number listed in the email's Subject?
✅ Who is the email from?
✅ What is his email address?
✅ What email address will receive a reply to this email?
✅ What is the Originating IP?
✅ Who is the owner of the Originating IP? (Do not include the "." in your answer.)
✅ What is the SPF record for the Return-Path domain?
✅ What is the DMARC record for the Return-Path domain?
✅ What is the name of the attachment?
✅ What is the SHA256 hash of the file attachment?
✅ What is the attachment's file size? (Don't forget to add "KB" to your answer, NUM KB)
✅ What is the actual file extension of the attachment?

👍 Like, Subscribe, and Comment to stay updated with our latest cybersecurity tutorials. If you have any questions or need further clarification on any concept, feel free to drop a comment below!

👍 These tutorials are for educational purposes and to encourage responsible and legal use of hacking knowledge.

#TryHackMeWalkthrough #TryHackMeRoom #CyberSecurity #HackingTutorial #SecurityExploits #PenetrationTesting #InfoSec #forensic #SOC #SOCLevel1
Comments

I just have one question: why did we take the second address 192.119.71.157 instead of 10.197.41.148 for "What is the Originating IP"?

deepanshusood