Masquerade
Premium roomOur company may have been compromised, we need your help ASAP.
medium
35 min
1,104
To access material, start machines and answer questions login.
Jim from the Finance department received an email that appeared to come from the company’s system administrator, asking him to run a script to “apply critical security updates.” Trusting the message, Jim executed the script on his workstation. Shortly after, unusual network traffic and system activity were observed. You have been provided with relevant artifacts to investigate what happened, determine the impact, and identify how the attacker established control over the system.
Important!: These artifacts contain real malware; however, the challenge can be completed entirely through , and there is no need to run or execute any of the files. Despite that, analysis should still be conducted in a controlled environment such as a virtual machine ().
Let's do some network forensics!
Ready to learn Cyber Security?
The Masquerade room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in