Daniel Matthews
Daniel Matthews
For m64.exe (mimikatz), you need to run the `download_payloads.sh` script from within the emu plugin: ``` cd plugins/emu ./download_payloads.sh ```
For m64.exe (mimikatz), you need to run the `download_payloads.sh` script from within the emu plugin: ``` cd plugins/emu ./download_payloads.sh ``` Looks like Ryuk is custom-built malware from previous ATT&CK Evaluations...
Are these abilities from one of the open-source plugins? If so, which ones are you using? Otherwise, if these are custom abilities, are you able to provide the yml file...
Out of curiosity, what is the motivation behind making the obfuscator required rather than using the default value?
> > Out of curiosity, what is the motivation behind making the obfuscator required rather than using the default value? > > As far as I remember, the default value...
> > > > Out of curiosity, what is the motivation behind making the obfuscator required rather than using the default value? > > > > > > > >...
This button works fine on recent versions of CALDERA - try updating to a more recent version and see if that works
What command did you use to run the agents? Are they in the `blue` group?
Are you still seeing this issue with the latest version of Dockerfile?
@cfzq088 can you confirm that your `response` plugin is enabled and started up successfully? That plugin contains the [incident responder profile](https://github.com/mitre/response/blob/8ea6ab5e0f341aba8facf29ba0301643e3d6a3b4/data/adversaries/7e422753-ad7a-4401-bc8b-b12a28e69c25.yml)