
@RealTryHackMe #AdventOfCyber Series: Challenge 12 – Forensic McBlue To The REVscue! #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading up to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our twelfth challenge, Forensic McBlue confirmed that the malicious document spawned a suspicious binary. Forensic McBlue’s job is to further analyze the binary through malware analysis.

The topics explored in this challenge are malware analysis: why it’s important and how it should be done in a safe environment (such as a sandbox). It also covers items that help determine if malware is present, such as new network connections, registry key modifications, and file manipulations. Finally, two tools were discussed: Detect It Easy (DIE) and CAPA.

Can Forensic McBlue determine if the suspicious file is malware? Find out below!
