Analysis of the extracted files reveals the infrastructure used by the attacker. Specifically, the write-up for this artifact focuses on: Identifying the IP address the malware communicated with.
is an encrypted archive file that serves as a cornerstone of the North Wind challenge within the SANS Holiday Hack Challenge 2023 (KringleCon). It is a forensics-focused puzzle that requires participants to extract and analyze artifacts from a compromised workstation. Overview of the Challenge OboeGladly.7z
: The password for OboeGladly.7z is not provided directly. It is typically found by investigating other files on the provided workstation, specifically by searching through PowerShell history or browser downloads . Analysis of the extracted files reveals the infrastructure