OceanLotus

OceanLotus is a blue team lab in the Malware Analysis category. It covers the tools MemProcFS, Strings, PE-bear, olevba and onlinegdb, and the MITRE ATT&CK tactics Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Collection and Exfiltration.

Learning Objectives

Analyze a memory dump with forensic techniques to identify the artifacts left by a spear-phishing attack and trace the attack back to its origin.

Categories: Malware Analysis.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Collection, Exfiltration.

Tools: PE-bear, MemProcFS, Strings, olevba, onlinegdb.

Difficulty: hard.