DFIRCON APT Malware & Memory Challenge
The memory image contains real APT malware launched against a test system.Your job? Find it.
The object of our challenge is simple: Download the memory image and attempt to answer the questions. To successfully submit for the contest, all answers must be attempted. Each person that correctly answers 3 of the 5 questions will be entered into a drawing to win a FREE Simulcast seat at DFIRCON Monterey this March. The contest ends on January 31st, 2014 and we will announce the winner on February 3rd, 2014. Good luck!
Win a free Simulcast Seat at DFIRCON Monterey - http://dfir.to/DFIR-CON by downloading the memory image and answering the following questions.
DOWNLOAD LINK FOR MEMORY IMAGE CAN BE FOUND HERE: http://dfir.to/DFIRCON-APT-CHALLENGE
To successfully submit for the contest, all answers must be attempted. Please include your name and email address.
The winner will be able to choose from the below Simulcast courses at DFIRCON:
SEC504: Hacker Techniques, Exploits & Incident Handling
FOR408: Computer Forensic Investigations - Windows In-Depth
FOR508: Advanced Computer Forensic Analysis and Incident Response
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
Source: http://computer-forensics.sans.org/blog ... ge-dfircon