BOughT Challenge

Credit

This lab is made by HackTheBox.

Lab Scenario

“A non-technical client recently purchased a used computer for personal use from a stranger they encountered online. Since acquiring the computer, the client has been using it without making any changes, specifically not installing or uninstalling any software. However, they have begun experiencing issues related to internet connectivity. This includes receiving error messages such as “Server Not Found” and encountering difficulties with video streaming. Despite these problems, checks with the Windows Network Troubleshooter indicate no issues with the internet connection itself. The client has provided a memory image and disk artifacts for investigation to determine if there are any underlying issues causing these problems.”

Downloading the Memory Dump / Running on the Cloud Lab

Attention: the sample you are about to download is including malicious files and malware samples. To protect your system, please analyze it on a completely isolated virtual machine if it is not running on cloud

Please visit the lab official link.

Used Tools

• Volatility2
• Volatility3
• Strings
• Sha256sum
• VirusTotal

Instructions

• To uncompress the lab file (pass: hacktheblue)
• The lab is FREE at the time of writing this post (if retired, it will be paid and only for VIP users)

Conclusion

In this blog, I briefly notified you about a newly released memory forensic challenge.

~ Cya in the Next One