Log Analysis With Sysmon
Our company has experienced a breach on one of its endpoints. Your task is to investigate the breach thoroughly by analyzing the Sysmon logs of the compromised endpoint to gather all necessary information regarding the attack.
File location: C:\Users\LetsDefend\Desktop\ChallengeFile\Sysmon_chall.zip
File Password: infected
Note:
- You can use the Event Log Explorer tool alongside the Event Viewer tool while working on this challenge.
- You can obtain a free license for Event Log Explorer here.