Chupacabra Digital Forensic Training Set 2022 by ADEO DFIR Team

The Chupacabra case study was created by the ADEO dfir team due to the lack of resources and applications in the digital forensics field. Using the Chupacabra case study, you can acquire digital forensics skills or improve your existing skills.

Case Overview:

The SOC team received an alarm that a file was downloaded from the system of a new employee named Rick Martin through some legal connection and a malicious software was running on the relevant machine. Rick Martin claimed that he had no idea about it and that it was possibly malware acting on his behalf. The DFIR team took an image from the user's system to clarify the situation and do some research. There is a disinformation that the user is intentionally installing illegal apps in order to click on the malicious link and perhaps do other things. Everything happened when he filled out the excel in the "Company-Wide Health Screening" mail sent by HR. After calculating the body mass index in Excel, the user, who feels something strange on his computer, runs the network listening tool on his computer. The suspect is believed to have poor technical skills and an attacker may be behind these suspicious activities!

Requirements:

Import the sslkey.log file into the pcap file.
•Edit > Preferences (Ctrl + Shift + P)
•Protocols > TLS
•Browse > sslkey.log file path
•chupacabra_CTF_2022.pcap
•chupacabra_CTF_2022.E01
•chupacabra_CTF_2022.raw

You can reach the questions about the Chupacabra case on the "Chupacabra Questions" page and the necessary analysis files from the https://adeo.com.tr/Chupacabra link.

Please answer the questions on the "Chupacabra Questions" page with a "writeup" style and send them e-mail to "dfir@adeo.com.tr".

Have a good time :)