13Cubed Windows memory forensics

Richard at 13Cubed recently released another memory forensics challenge; this time involving a compromised Windows host. Watch the video below for a summary of the incident.

You can download the sample here; https://cdn.13cubed.com/downloads/windows_challenge.zip

Per the warning on the YouTube video;

⚠️ CAUTION ⚠️ This memory sample contains a simulated ransomware for educational purposes. Although safeguards have been implemented to prevent any harm, they are not foolproof. Please treat this sample as if it contains active malware. Ensure all necessary precautions are taken to mitigate potential risks.

WALK-THROUGH BELOW

This page is just a placeholder for the moment, it should be completed by mid-July.