HTB: Acknowledge the Corn

Writeup for the hard level forensic challenge “Acknowledge the corn” found here

Challenge description: One of our clients, currently active in the banking sector, was recently targeted by a known APT group. Our endpoint protection raised some alerts about an offensive open source tool which was found on one of our client’s workstations. Our incident response team managed to retrieve a dump of the malicious process and a capture of the network during the attack. Can you analyse the given samples and determine whether the malicious actors penetrated into the network or not?

I will release this once the challenge is retired, as per the guidelines.

Message me on Discord or email me for tips/help with the challenge!

This post is licensed under CC BY 4.0 by the author.