NintendoHunt blue team ctf

Category : Digital Forensics

364 Players

4.4 (57)

Difficult

What is the process ID of the currently running malicious process?

Weight : 10 | Solved : 171

What is the md5 hash hidden in the malicious process memory?

Weight : 20 | Solved : 114

What is the process name of the malicious process parent?

Weight : 10 | Solved : 145

What is the MAC address of this machine's default gateway?

Weight : 20 | Solved : 107

What is the name of the file that is hidden in the alternative data stream?

Weight : 20 | Solved : 101

What is the full path of the browser cache created when the user visited "www.13cubed.com" ?

Weight : 20 | Solved : 97

Scenario:

You have been hired as a soc analyst to investigate a potential security breach at a company. The company has recently noticed unusual network activity and suspects that there may be a malicious process running on one of their computers. Your task is identifying the malicious process and gathering information about its activity.

Tools:

Volatility 2

WriteUps

Submit Writeup

Need Help?

Join our Discord server, connect with fellow defenders, and get help while solving challenges.

SHA1SUM:

10a91fab515c69d18decef394a3b200524471e6f
Password:

cyberdefenders.org
Size:

1.3 GB
Published:

April 27, 2023, midnight

First blood

iamnewbie

38 days ago

Last solve

thugonomist

today

Authors

NintendoHunt blue team ctf

Category : Digital Forensics

Memory

Volatility