This room aims to be a practice room for Dissecting Headers and 1. In this scenario, you will act as one of the Reverse Engineers who will analyse malware samples based on the detections reported by your team.
Prerequisites
This room requires basic knowledge of Malware. We recommend going through the following rooms before attempting this challenge.
Scenario
You are currently working as a Malware Reverse Engineer for your organisation. Your team acts as a support for the team when detections of unknown binaries occur. One of the analysts triaged an alert triggered by binaries with unusual behaviour. Your task is to analyse the binaries detected by your team and provide enough information to assist them in remediating the threat.
Investigation Platforms

The team has provided two investigation platforms, a FLARE and a REMnux. You may utilise the machines based on your preference.
If you prefer FLARE, you may start the machine attached to this task. Otherwise, you may start the machine on the task below to start REMnux.
The machine will start in a split-screen view. In case the is not visible, use the blue Show Split View button at the top-right of the page.
You may also use the following credentials for alternative access via Remote Desktop ():
| Username | administrator |
| Password | letmein123! |
| IP Address | MACHINE_IP |
Lastly, you may find the malware samples on C:\Users\Administrator\Desktop\Samples.
WE ADVISE YOU NOT TO DOWNLOAD THE MALWARE SAMPLES TO YOUR HOST.
The MalBuster room is only available for premium users.
