Reminiscent

Hello guys,
I’ve found what was going on onto the infected VM but I’m getting lost while looking for the flag (first time using volatility).
Any hints ?

@WH3A7570N3 said:
Hello guys,
I’ve found what was going on onto the infected VM but I’m getting lost while looking for the flag (first time using volatility).
Any hints ?

do u got the flag now?

What exactly am I looking for. i.e. what is the format of the flag? is it an actual string we find or is it a hash of a process or similar?

Nevermind, I found it :slight_smile: it is indeed in the format of HTB{blaah}. You will know when you find it :slight_smile:

Done!

Such an interesting challenge! Learned a lot!

Happy to help anyone if needed.