This is a writeup for the BlackEnergy challenge by cyberdefenders.com.
The challenge asks us to answer 8 questions while investigating an incident from a memory dump of the compromised host. The adversary is an APT group deploying the BlackEnergy malware.
Scenario: A multinational corporation has been hit by a cyber attack that has led to the theft of sensitive data. The attack was carried out using a variant of the BlackEnergy v2 malware that has never been seen before. The company's security team has acquired a memory dump of the infected machine, and they want you to analyze the dump to understand the attack scope and impact.