RansomedTrust - Lynx

RansomedTrust - Lynx is a blue team lab in the Threat Hunting and Malware Analysis categories. It covers the following subjects: CyberChef, Splunk, IDA, CFF Explorer, PEStudio, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Impact.

Learning Objectives

Investigate a multi-stage LYNX ransomware intrusion across two trusted Active Directory forests in Splunk, then statically analyze the recovered binary to surface developer artifacts and the embedded victim-contact infrastructure.

Categories: Threat Hunting, Malware Analysis.

MITRE ATT&CK Tactics: Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Impact.

Tools: CyberChef, Splunk, IDA, CFF Explorer, PEStudio.