Injector Challenge

Credit

This lab is made by CyberDefenders.

Lab Scenario

“A company’s web server has been breached through their website. Our team arrived just in time to take a forensic image of the running system and its memory for further analysis. As a soc analyst, you are tasked with mounting the image to determine how the system was compromised and the actions/commands the attacker executed.”

Downloading the Memory Dump / Running on the Cloud Lab

Attention: the sample you are about to download is including malicious files and malware samples. To protect your system, please analyze it on a completely isolated virtual machine if it is not running on cloud

Please visit the lab official link.

Used Tools

• R-Studio
• FTK Imager
• Autopsy
• Volatility
• Registry Explorer
• RegRpper

Instructions

To uncompress the lab (pass: cyberdefenders.org)

Conclusion

In this blog, I briefly notified you about a newly released memory forensic challenge.

~ Cya in the Next One