Windows Forensics
A targeted phishing campaign has been carried out against our organization, and so far the phishing mail has been opened on 3 systems in our network. A quick triage image was collected from one of the infected systems and provided to you so that you can identify the TTPs being used by the attackers. Identify the techniques and tactics used by the attacker so our incident response team can respond and mitigate any further compromises across the network.
Note: This challenge is focused on manual artifact analysis. You can use Eric Zimmerman's tool suite for most of the artifacts. Additional research will be required for some questions.
Artifacts: C:\Users\LetsDefend\Desktop\Files\Relevent_Artifacts.zip
Password: infected
This challenge was prepared by 0xCyberJunkie.sh
Writeups: