inksec
Has successfully completed 🎉
BYOVD - Hive0163 Lab
A mid-sized organization was hit by a sophisticated attack attributed to Hive0163, a ransomware group also known as Interlock Group. The security team performed a triage collection from the compromised workstation before remediation. Initial triage indicates that an employee was socially engineered into executing a malicious script, which gave the attacker remote access. From there, the attacker escalated privileges, disabled endpoint protection, harvested credentials, exfiltrated sensitive data, and deployed a ransomware encryptor across the system.You are provided with the triage collection and a suspicious binary recovered from the Recycle Bin. Your task is to reconstruct the full attack chain using...
Read More