[CyberDefenders] Volatility Traces
Volatility Traces Lab Link

Scenario

On May 2, 2024, a multinational corporation identified suspicious PowerShell processes on critical systems, indicating a potential malware infiltration. This activity poses a threat to sensitive data and operational integrity. You have been provided with a memory dump (memory.dmp) from the affected system. Your task is to analyze the dump to trace the malware’s actions, uncover its evasion techniques, and understand its persistence mechanisms.

Artifacts

memory.dmp

Q1

Identifying the parent process reveals the source and potential additional malicious activity. What is the name of the suspicious process that spawned two malicious PowerShell processes?

...
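The parent lookup that Q1 asks for, as an added example that is not part of the original write-up: it groups powershell.exe processes by PPID and reports any parent that spawned two or more. It assumes the process list was exported as CSV with PID, PPID and ImageFileName columns (as in Volatility 3's windows.pslist); the sample rows and the name parent_x.exe are constructed, not values from memory.dmp.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows (not taken from the lab's memory.dmp);
# parent_x.exe is a placeholder name, not the lab's answer.
SAMPLE_PSLIST_CSV = """PID,PPID,ImageFileName
4,0,System
612,4,smss.exe
1200,700,explorer.exe
3344,1200,parent_x.exe
4100,3344,powershell.exe
4212,3344,powershell.exe
5000,1200,powershell.exe
"""

def load_processes(csv_text):
    """Return {pid: (ppid, image_name)} from pslist-style CSV text."""
    procs = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        procs[int(row["PID"])] = (int(row["PPID"]), row["ImageFileName"])
    return procs

def powershell_parents(procs, min_children=2):
    """Map parent PID -> (parent name, sorted child PIDs) for every parent
    that spawned at least min_children powershell.exe processes."""
    children = defaultdict(list)
    for pid, (ppid, name) in procs.items():
        if name.lower() == "powershell.exe":
            children[ppid].append(pid)
    result = {}
    for ppid, kids in children.items():
        if len(kids) >= min_children:
            # A PPID absent from the listing means the parent has exited or
            # is unlinked from the process list; report that, do not skip it.
            parent = procs[ppid][1] if ppid in procs else "<not in listing>"
            result[ppid] = (parent, sorted(kids))
    return result

if __name__ == "__main__":
    hits = powershell_parents(load_processes(SAMPLE_PSLIST_CSV))
    for ppid, (name, kids) in hits.items():
        print(f"{name} (PID {ppid}) spawned powershell.exe PIDs {kids}")
```

Because Windows reuses PIDs, confirm a reported parent by checking that its creation time precedes that of its children before treating it as the source.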