1st challenge is being changed: unfortunately the memory image (Banking Troubles) is no longer downloadable. The memory image will now be Cridex. If you already did "Banking Troubles", go ahead and post that, or you are welcome to work on the Cridex image. Cridex is banking malware, so we are keeping the same overall theme as the original "Banking Troubles".
Are you interested in hacking? Maybe forensics? Maybe reverse engineering or exploit development? Well I plan on having a few challenges in all these things.
--------------------------------------------------------------------------------------------
This is a Digital Forensics Incident Response Challenge; you don't need anything fancy, a VM running Ubuntu with Volatility/Foremost and very few other tools will suffice. Personally I will probably do this all on an Ubuntu machine and will move to a Windows machine for malware analysis; you can use online malware analysis platforms if you don't feel like spinning up a FLARE VM. Let's set a date for submissions on or by June 16.
If you are new to memory forensics and incident response, don't be scared; you are free to ask questions here and I will respond. Let's get out of our comfort zones and do some learning.
Scenario:
You have been contacted by your boss; it seems that one of the larger clients of the company you work for has been compromised. They are having issues when trying to access their banking institution. Find out what's going on; your report should have answers to the questions below.
Memory Image :
https://github.com/volatilityfoundation/...ry-Samples Malware-Cridex (working, ~38 MB)
Challenges:
1) Identify the OS of the memory dump
2) List all processes
3) List open sockets
4) URLs
5) Suspicious URLs
6) Extract the malware (extra)
7) Analyze the malware/Exploit (extra)
8) Suspicious files
9) Are there any registry entries which may enable persistence? Other IOCs?
Important Links/Resources
https://github.com/volatilityfoundation/volatility/wiki
Edit: Once again I apologize that the original HoneyNet image is not downloadable. The Cridex image is, and I got a copy; it probably helps if I get the images before posting, but my weekend is when I do the challenges.
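Challenges 2 through 5 above (processes, sockets, URLs, suspicious URLs) are the triage steps most people end up post-processing by hand. The Python below is an added example, not part of the original post and not Volatility's own code: it parses text in the column layout of Volatility 2's `pslist` and `sockets` plugins (that layout is an assumption here), builds the process tree, flags processes whose parent is missing and sockets owned by a PID that `pslist` does not show, and carves ASCII and UTF-16LE URLs out of a raw memory buffer with a few generic heuristics (IP-literal host, non-standard port, executable path). All sample data is constructed for the example; nothing in it is taken from the Cridex image or claimed as a Cridex indicator.

```python
"""Post-process Volatility 2 style pslist/sockets output and carve URLs from memory."""
import re
from ipaddress import ip_address
from urllib.parse import urlsplit

# --- Constructed sample data (NOT from a real memory image) -------------------
# Column layout assumed to match Volatility 2 `pslist`.
PSLIST_SAMPLE = """\
Offset(V)  Name                    PID   PPID   Thds     Hnds   Sess  Wow64 Start
---------- -------------------- ------ ------ ------ -------- ------ ------ ------------------------------
0x823c89c8 System                    4      0     53      240 ------      0
0x822f1020 smss.exe                368      4      3       19 ------      0 2012-01-01 00:00:01 UTC+0000
0x822a0598 csrss.exe               584    368      9      326      0      0 2012-01-01 00:00:02 UTC+0000
0x82298700 winlogon.exe            608    368     23      519      0      0 2012-01-01 00:00:02 UTC+0000
0x81e2ab28 explorer.exe           1484   1464     17      415      0      0 2012-01-01 00:00:06 UTC+0000
0x81e7bda0 updater.exe            1640   1484      5       39      0      0 2012-01-01 00:00:06 UTC+0000
0x81f3c020 helper.exe             1700   2200      2       25      0      0 2012-01-01 00:00:09 UTC+0000
"""
# Column layout assumed to match Volatility 2 `sockets`.
SOCKETS_SAMPLE = """\
Offset(V)       PID   Port  Proto Protocol        Address         Create Time
---------- -------- ------ ------ --------------- --------------- -----------
0x81ddb780        4    445      6 TCP             0.0.0.0         2012-01-01 00:00:03 UTC+0000
0x82155a40     1640   1038      6 TCP             0.0.0.0         2012-01-01 00:00:07 UTC+0000
0x81f0e008     1900   1039      6 TCP             0.0.0.0         2012-01-01 00:00:08 UTC+0000
"""
# A constructed slice of "memory": one ASCII request line, one UTF-16LE string, one ASCII URL.
MEMORY_SAMPLE = (
    b"\x00\x00GET http://www.example.com/index.html HTTP/1.1\x00\x00"
    + "https://198.51.100.23:8080/gate.php".encode("utf-16-le") + b"\x00\x00"
    + b"http://example.org/downloads/setup.exe\x00"
)

PSLIST_RE = re.compile(r"^(0x[0-9a-fA-F]+)\s+(\S+)\s+(\d+)\s+(\d+)\s+(\d+)", re.M)
SOCKETS_RE = re.compile(r"^(0x[0-9a-fA-F]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\S+)\s+(\S+)", re.M)
ASCII_URL_RE = re.compile(rb"https?://[\x21-\x7e]+")
# Same pattern with a NUL after every character, i.e. UTF-16LE as Windows stores it.
UTF16_URL_RE = re.compile(rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00)+")
# explorer.exe is normally parentless on XP/7 because userinit.exe exits after launching it.
KNOWN_ORPHANS = {"explorer.exe"}
EXEC_EXTENSIONS = (".exe", ".dll", ".scr", ".bat", ".vbs")


def parse_pslist(text):
    """Return {pid: {name, ppid, threads, offset}} from pslist text; header/dash lines are skipped."""
    procs = {}
    for m in PSLIST_RE.finditer(text):
        off, name, pid, ppid, thds = m.groups()
        procs[int(pid)] = {"name": name, "ppid": int(ppid), "threads": int(thds), "offset": off}
    return procs


def parse_sockets(text):
    """Return a list of socket records from sockets text."""
    socks = []
    for m in SOCKETS_RE.finditer(text):
        off, pid, port, _proto_num, proto, addr = m.groups()
        socks.append({"pid": int(pid), "port": int(port), "protocol": proto, "address": addr, "offset": off})
    return socks


def ancestry(procs, pid):
    """Walk the parent chain as far as pslist can resolve it, e.g. 'child(1) <- parent(2)'."""
    chain, seen = [], set()
    while pid in procs and pid not in seen:
        seen.add(pid)
        chain.append(f"{procs[pid]['name']}({pid})")
        pid = procs[pid]["ppid"]
    return " <- ".join(chain)


def orphan_processes(procs):
    """PIDs whose parent is neither PID 0 nor present in the listing (and not a known benign orphan)."""
    return [pid for pid, p in procs.items()
            if p["ppid"] != 0 and p["ppid"] not in procs and p["name"].lower() not in KNOWN_ORPHANS]


def sockets_without_process(procs, socks):
    """Sockets whose owning PID pslist does not show: hidden, unlinked or already-exited owner."""
    return [s for s in socks if s["pid"] not in procs]


def carve_urls(blob):
    """Return [(offset, url)] for ASCII and UTF-16LE http(s) URLs, in offset order."""
    found = [(m.start(), m.group().decode("ascii")) for m in ASCII_URL_RE.finditer(blob)]
    found += [(m.start(), m.group().decode("utf-16-le")) for m in UTF16_URL_RE.finditer(blob)]
    return sorted(found)


def url_flags(url):
    """Generic reasons a carved URL deserves a closer look (heuristics, not a verdict)."""
    parts, reasons = urlsplit(url), []
    try:
        ip_address(parts.hostname or "")
        reasons.append("ip-literal host")
    except ValueError:
        pass
    if parts.port not in (None, 80, 443):
        reasons.append(f"non-standard port {parts.port}")
    if parts.path.lower().endswith(EXEC_EXTENSIONS):
        reasons.append("executable path")
    return reasons


def triage(pslist_text, sockets_text, blob):
    """Combine the checks above into one report dict."""
    procs = parse_pslist(pslist_text)
    socks = parse_sockets(sockets_text)
    urls = [u for _, u in carve_urls(blob)]
    return {
        "process_count": len(procs),
        "orphans": [ancestry(procs, pid) for pid in orphan_processes(procs)],
        "sockets_without_process": [(s["pid"], s["protocol"], s["port"])
                                    for s in sockets_without_process(procs, socks)],
        "urls": urls,
        "suspicious_urls": {u: url_flags(u) for u in urls if url_flags(u)},
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(PSLIST_SAMPLE, SOCKETS_SAMPLE, MEMORY_SAMPLE), indent=2))
```

Against a real image you would feed `triage()` the saved text of `vol.py -f <image> --profile=<profile> pslist` and `sockets` plus the raw image bytes; the UTF-16LE pattern matters because browser and WinINet strings in memory are frequently wide, and an ASCII-only `strings` pass misses them. The heuristics are deliberately generic: an IP-literal host or odd port is a prompt to pivot (which process held the socket, what file backs it), not proof of anything.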