Challenge - Hidden Backdoor
Tackling another LetsDefend challenge, this time the free, hard-difficulty "Hidden Backdoor". We are given a triage image of a Windows host believed to be compromised, loaded on a Windows VM, and have to answer 9 questions about it.

The scenario, as stated by the challenge:

"A senior developer at AINokhba Enterprises discovered an unfamiliar file named 'NotionSetup.exe' on their workstation. Curious and concerned, they executed the file, but nothing appeared to happen. Fearing that something might be wrong, they immediately reported the incident to the company's security team. Your task is to analyze a triage image from the senior developer's machine to determine how the file ended up on their system and what actions, if any, were triggered by executing it."

ITEMS (indicator lookups):
VirusTotal file report (SHA-256 dfb76bcf5a3e29225559ebbdae8bdd24f69262492eca2f99f7a9525628006d88): https://www.virustotal.com/gui/file/dfb76bcf5a3e29225559ebbdae8bdd24f69262492eca2f99f7a9525628006d88/detection
VirusTotal URL report: https://www.virustotal.com/gui/url/607f2c2491dcf62b624a6c4ee1d60ca2ae36836883abba213ed3639ff51c68cc/detection
Cisco Talos reputation lookup for globalnewshub.com: https://talosintelligence.com/reputation_center/lookup?search=globalnewshub.com
AlienVault OTX indicator page for globalnewshub.com: https://otx.alienvault.com/indicator/domain/globalnewshub.com
urlscan.io scan result: https://urlscan.io/result/10570149-850c-4819-b12c-098f6e3957c5/

NOTES:
Elastic Security Labs write-up on the BITSLOTH backdoor: https://www.elastic.co/security-labs/bits-and-bytes-analyzing-bitsloth

TOOLS:
DB Browser for SQLite: https://sqlitebrowser.org/
NirSoft WinPrefetchView: https://www.nirsoft.net/utils/win_prefetch_view.html
Eric Zimmerman's tools: https://ericzimmerman.github.io/#!index.md
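One of the questions is how NotionSetup.exe ended up on the workstation, and DB Browser for SQLite is on the tool list, so the artifact a practitioner would reach for first is the browser History database. The script below is an added example, not part of the original write-up and not taken from the challenge image: it assumes a Chromium-based browser (Chrome, Edge, Brave all share the schema), builds an in-memory History file with a reduced subset of the real `downloads` and `downloads_url_chains` tables, fills it with constructed rows (the `.invalid` domains and the timestamps are made up for the demo), and then pulls the download record for a given file name together with the page it was started from and the full redirect chain. The same SELECT statements can be pasted into the Execute SQL tab of DB Browser for SQLite against a History file copied out of the triage image; the real schema has more columns than the subset created here.

```python
"""Added example: locate the origin of a suspicious download in a
Chromium-style History database. Schema subset and rows are constructed;
nothing here comes from the challenge image."""
import sqlite3
from datetime import datetime, timedelta, timezone

# Chromium stores times as microseconds since 1601-01-01 UTC (the WebKit epoch).
WEBKIT_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def webkit_to_utc(us: int) -> datetime:
    """Convert a WebKit/Chromium timestamp to an aware UTC datetime."""
    return WEBKIT_EPOCH + timedelta(microseconds=us)


def utc_to_webkit(dt: datetime) -> int:
    """Inverse of webkit_to_utc; used only to build the constructed sample rows."""
    return (dt - WEBKIT_EPOCH) // timedelta(microseconds=1)


def build_constructed_history() -> sqlite3.Connection:
    """In-memory History DB with a reduced subset of Chromium's download schema.
    Rows are constructed for this example (one benign download, one suspicious)."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE downloads (
            id INTEGER PRIMARY KEY, target_path TEXT, start_time INTEGER,
            received_bytes INTEGER, total_bytes INTEGER, state INTEGER,
            referrer TEXT, tab_url TEXT, mime_type TEXT);
        CREATE TABLE downloads_url_chains (id INTEGER, chain_index INTEGER, url TEXT);
    """)
    t0 = utc_to_webkit(datetime(2024, 3, 1, 9, 15, tzinfo=timezone.utc))
    t1 = t0 + 25 * 60 * 1_000_000  # 25 minutes later
    con.executemany("INSERT INTO downloads VALUES (?,?,?,?,?,?,?,?,?)", [
        (1, r"C:\Users\dev\Downloads\q1-report.pdf", t0, 40960, 40960, 1,
         "https://intranet.example.invalid/reports",
         "https://intranet.example.invalid/reports", "application/pdf"),
        (2, r"C:\Users\dev\Downloads\NotionSetup.exe", t1, 1_204_224, 1_204_224, 1,
         "https://news-site.invalid/article/42",
         "https://news-site.invalid/article/42", "application/x-msdownload"),
    ])
    con.executemany("INSERT INTO downloads_url_chains VALUES (?,?,?)", [
        (1, 0, "https://intranet.example.invalid/reports/q1-report.pdf"),
        (2, 0, "https://news-site.invalid/get?file=notion"),       # link that was clicked
        (2, 1, "https://cdn-host.invalid/files/NotionSetup.exe"),  # where it redirected
    ])
    con.commit()
    return con


def find_download_origin(con: sqlite3.Connection, filename: str) -> list:
    """Every download whose target path ends with `filename`, with its UTC start
    time, the page it was started from, and the redirect chain ordered by
    chain_index (first = clicked URL, last = actual source).
    In Chromium's schema state == 1 means COMPLETE."""
    rows = con.execute("""
        SELECT id, target_path, start_time, referrer, tab_url,
               received_bytes, total_bytes, state
        FROM downloads
        WHERE target_path LIKE '%' || ?
        ORDER BY start_time
    """, (filename,)).fetchall()
    hits = []
    for did, path, start, referrer, tab_url, received, total, state in rows:
        chain = [url for (url,) in con.execute(
            "SELECT url FROM downloads_url_chains WHERE id = ? ORDER BY chain_index",
            (did,))]
        hits.append({
            "id": did,
            "path": path,
            "start_utc": webkit_to_utc(start).isoformat(),
            "referrer": referrer,
            "tab_url": tab_url,
            "complete": state == 1 and received == total,
            "url_chain": chain,
        })
    return hits


if __name__ == "__main__":
    for hit in find_download_origin(build_constructed_history(), "NotionSetup.exe"):
        print(f"{hit['start_utc']}  {hit['path']}")
        print(f"  opened from : {hit['tab_url']}")
        print(f"  url chain   : {' -> '.join(hit['url_chain'])}")
        print(f"  complete    : {hit['complete']}")
```

The `tab_url`/`referrer` columns answer "which page was the user on", while the last entry of the URL chain is the host that actually served the binary; the two often differ when a redirector is involved, which is why the chain is pulled rather than only the first URL. Cross-check the `start_utc` value against the Prefetch timestamps from WinPrefetchView or PECmd to confirm the download preceded the execution.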