The attackers exploited the EternalBlue vulnerability to gain initial access to the observatory farm, creating a hidden administrative share and…