AS-REP Challenge

A network security team received alerts from a Domain Controller (DC) indicating that a user was making unusual requests for Kerberos tickets, which is not typical for their role. Given that this behavior aligns with potential reconnaissance or lateral movement within the network, the security team escalated the issue to a senior investigator. The investigator has been tasked with analyzing the provided DC and workstation logs to trace the attacker's movements, determine the source of the anomaly, and understand how the attacker gained access and what actions they might have taken inside the network.r.

File Location: C:\Users\LetsDefend\Desktop\ChallengeFile\AS-REP.7z

File Password: infected