Window Pains

Volatility

Problem

Created by: syyntax

One of De Monne's employees had their personal Windows computer hacked by a member of DEADFACE. The attacker managed to exploit a portion of a database backup that contains sensitive employee and customer PII.

Inspect the memory dump and tell us the Windows Major Operating System Version, bit version, and the image date/time (UTC, no spaces or special characters). Submit the flag as flag{OS_BIT_YYYYMMDDhhmmss}.

Example: flag{WindowsXP_32_202110150900}

Solution

sudo vol -f physmemraw windows.info.Info

flag{Windows10_64_20210907145744}

PreviousThe Count NextWindow Pains 2

Last updated 2 years ago