BankingTroubles Challenge
Credit
This lab is made by CyberDefenders.
Lab Scenario
“Company X has contacted you to perform forensics work on a recent incident that occurred. One of their employees had received an e-mail from a co-worker that pointed to a PDF file. Upon opening, the employee did not notice anything; however, they recently had unusual activity in their bank account.
The initial theory is that a user received an e-mail containing a URL leading to a forged PDF document. Opening that document in Acrobat Reader triggers a malicious Javascript that initiates a sequence of actions to take over the victim’s system.
Company X was able to obtain a memory image of the employee’s virtual machine upon suspected infection and asked you as a security blue team analyst to analyze the virtual memory and provide answers to the questions.”
Downloading the Memory Dump / Running on the Cloud Lab
Attention: the sample you are about to download includes malicious files and malware samples. To protect your system, analyze it on a completely isolated virtual machine if you are not running it in the cloud lab.
Please visit the lab's official link.
Used Tools
Instructions
To uncompress the lab archive, use the password cyberdefenders.org.
Conclusion
In this blog post, I briefly introduced a newly released memory forensics challenge.
~ Cya in the Next One