NTLM Relay

During a routine network monitoring session, Sarah, a senior security analyst at Sopranos Enterprises, noticed unusual traffic patterns on their internal network. The traffic appeared to originate from a compromised machine probing multiple systems, suggesting an attempt at lateral movement. It seems the attacker was targeting machines within the Active Directory environment to escalate privileges and compromise additional systems. The security team quickly began investigating, but the full extent of the breach is still unknown. Further analysis of logs and network traffic is required to assess the impact.


File Location: C:\Users\LetsDefend\Desktop\ChallengeFile\NTLM-Relay.7z


File Password: infected