Invisible Challenge
Credit
This lab is made by CyberTalents.
Lab Scenario
“After acquiring memory from the attacker's PC, we found there is no internet browser except Internet Explorer. Can you get the internet history?”
Downloading the Memory Dump / Running on the Cloud Lab
Attention: the sample you are about to download includes malicious files and malware samples. To protect your system, analyze it on a completely isolated virtual machine if you are not running it on the cloud lab.
The lab official link does not have the memory dump as it was part of a CTF competition, so you can download it directly from here.
My Walk-through
Please watch my video for the detailed write-up.
Used Tools
- Volatility2
- Strings
- VirusTotal
- Foremost
- pdfimages – on Debian-based systems (such as Kali): apt-get install poppler-utils
Conclusion
In this post, I briefly introduced a newly released memory forensics challenge.
~ Cya in the Next One