Akira Challenge

Husam ShbibOct 24, 2024Oct 24, 2024

Akira CyberDefenders Memory Forensics Challenge

Credit

This lab is made by CyberDefenders team.

Lab Scenario

“As a member of the DFIR team, you’re tasked with investigating a ransomware attack involving Akira ransomware that has impacted critical systems. You’ve been provided with a memory dump from one of the compromised machines. Your goal is to analyze the memory for indicators of compromise, trace the ransomware’s entry point, and identify any malicious activity to assess the incident and guide the response strategy.”

Difficulty Level

Medium

Downloading the Memory Dump / Running on the Cloud Lab

Attention: the sample you are about to download is including malicious files and malware samples. To protect your system, please analyze it on a completely isolated virtual machine if it is not running on cloud

Please visit the lab official link to download and analyze the memory dump.

Instructions

The lab is NOT FREE at the time of writing this post.

Our Walk-through

As it is an active challenge, we will wait until it is retried to make an official writeup.

Stay tuned!

Used Tools

Volatility3
Timeline Explorer
EvtxECmd
MemProcFS
Event Log Explorer
R-Studio

Conclusion

In this blog, we briefly notified you about a newly released memory forensic challenge.

Cya till the Next One ~ Hoxed

<span class="nav-subtitle screen-reader-text">Page</span>

Previous PostLinux Memory Forensics Challenge

Linux Memory Forensics Challenge

A Linux Memory Forensics Challenge by 13Cubed

Oct 5, 2024Oct 1, 2024

Reveal Challenge

A new memory forensic challenge

Jul 22, 2024Jul 25, 2024

TryHackMe Critical challenge memory forensics

Critical Room Challenge