1. At what time did the attacker gain access to the machine?

2. List all executed commands here and the time for each one.

3. Write the victim (target machine) IP & attacker IP.

attachment: Sysmon.evtx

tools: EvtxECmd, Timeline Explorer (https://ericzimmerman.github.io/#!index.md)

usage:

EvtxECmd.exe -f "C:\Users\uname\Desktop\SOC-L1\week-1\Tasks\Lab3\Sysmon.evtx" --csv .
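
Added example (not part of the original task sheet): once EvtxECmd has written its CSV, this Python script pulls Sysmon Event ID 1 (process creation) and Event ID 3 (network connection) rows into a time-sorted list, which is the data the three questions ask for. It assumes the CSV has TimeCreated, EventId and Payload columns and that Payload holds the event's EventData as JSON in the shape shown in the first comment; the sample rows are constructed and are not taken from Sysmon.evtx.

```python
import csv, io, json, sys

def _payload(fields):
    # Assumed Payload shape: {"EventData": {"Data": [{"@Name": ..., "#text": ...}]}}
    data = [{"@Name": k, "#text": v} for k, v in fields.items()]
    return json.dumps({"EventData": {"Data": data}})

def make_sample():
    """Constructed rows (documentation IPs), deliberately out of order."""
    buf = io.StringIO()
    w = csv.writer(buf)
    w.writerow(["TimeCreated", "EventId", "Payload"])
    w.writerow(["2024-01-01 10:02:00", "1", _payload(
        {"ParentImage": r"C:\Windows\System32\cmd.exe", "CommandLine": "whoami"})])
    w.writerow(["2024-01-01 10:00:05", "3", _payload(
        {"SourceIp": "198.51.100.7", "DestinationIp": "192.0.2.10",
         "DestinationPort": "3389", "Initiated": "false"})])
    w.writerow(["2024-01-01 10:01:00", "13", "not json"])  # other event, ignored
    return buf.getvalue()

def event_data(row):
    """Flatten the Payload JSON into {field: value}; {} if it cannot be parsed."""
    try:
        items = json.loads(row.get("Payload") or "{}")["EventData"]["Data"]
    except (ValueError, KeyError, TypeError):
        return {}
    if not isinstance(items, list):  # tolerate a single object instead of a list
        items = [items]
    return {i.get("@Name"): i.get("#text", "") for i in items if isinstance(i, dict)}

def triage(csv_text):
    """Return (commands, connections), each sorted by TimeCreated."""
    commands, connections = [], []
    for row in csv.DictReader(io.StringIO(csv_text)):
        d = event_data(row)
        when = row.get("TimeCreated", "")
        if row.get("EventId") == "1":    # Sysmon process creation
            commands.append((when, d.get("ParentImage", ""), d.get("CommandLine", "")))
        elif row.get("EventId") == "3":  # Sysmon network connection
            connections.append((when, d.get("SourceIp", ""), d.get("DestinationIp", ""),
                                d.get("DestinationPort", ""), d.get("Initiated", "")))
    return sorted(commands), sorted(connections)

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8-sig").read() if len(sys.argv) > 1 else make_sample()
    commands, connections = triage(text)
    for rec in commands + connections:
        print(" | ".join(rec))
```

Pass the path of the CSV that EvtxECmd produced as the first argument; with no argument the script runs on the constructed sample.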

----------------------------
Solve this challenge:
Log Analysis With Sysmon
https://app.letsdefend.io/challenge/log-analysis-with-sysmon