LockBit Ransomware - Public Case #27244

Name: LockBit Ransomware - Public Case #27244
Brand: My Store
Price: 19.99 USD
Availability: InStock

LockBit Ransomware - Public Case #27244

Difficulty: Medium

$19.99 USD

Sale Sold out

Access Limit 2 days 7 days 14 days

SIEM Elastic Splunk

Usage Personal Business/Organization

Product variants

Quantity

This case is based on a Public Case. In February 2024, a Windows Confluence server was compromised, leading to a rapid, domain-wide intrusion. You will analyze how attackers used AnyDesk and Metasploit to escalate privileges and ultimately deployed ransomware within hours.

To read more about DFIR Labs click here.

Important: Choose the Correct License Type

Personal License

For individuals paying out of their own pocket for personal skill development only.

Self-funded learning
Personal skill improvement
No organizational benefit

Enterprise License

Required if any organization benefits from your use, including:

Company-sponsored training
Skills used for work purposes
Educational institutions
Team learning activities

Important: If your employer is paying for this lab OR if the skills learned will benefit your employer/organization in any way, you must purchase an Enterprise license. This applies even if you're paying personally but using the skills for work.

You will receive an email within 5 minutes of purchase with instructions on how to activate the lab. Buy now, use anytime within the next 3 months. Enjoy!

Disclaimer

All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.

The difficulty of each DFIR Lab case is inherently subjective and may vary based on the participant's individual skills and experience.

View full details

all goods

will definitely try another lab

Kinda Weaksauce

This one could have been way better. It does not meet your definition of hard, first off. You guys could have given the investigator some way better AnyDesk logs. Also, you should have put real web logs in Splunk from the initial compromise. The questions are wayyyy to easy. I also don't understand why you guys can't give the answers after people pay you money, and that $100 for a session is highway robbery.

Thank you so much for your thoughtful review! We’re thrilled that you engaged with our labs, which are crafted from real-world intrusion scenarios. The logs and artifacts collected can sometimes vary because they reflect the authentic complexities of cyber incidents, but we always aim to provide valuable data for investigation.

We understand that the difficulty of the questions can feel a bit subjective, and we strive to create a balanced experience for all participants. Since everyone comes with different skills and experiences, what feels easy to one might be more challenging for another – and that’s all part of the learning journey!

As for the $100 session, this includes a comprehensive walkthrough, guiding you through the investigation process, explaining key decisions, and offering coaching to strengthen your future investigations. We believe this deep dive provides great value with personalized insights and support.

Your feedback means a lot to us, and we’ll definitely take it into account as we continue to improve our labs. Thanks again for sharing your thoughts!

Wasn't that hard

You could unravel the enitre incident with the stats count by _time CommandLine search. and the question about the MD5 was a bit confusing... the MD5 of the stager or the MD5 of the shellcode?

Great and fun lab to practice DFIR skills !!

Had a great time investigating and solving the questions.
Good chance to practice DFIR skill, definitely worth doing

Great Lab - 10/10

I had a great time taking this lab. Amazing as always! Keep up the great work.

Item added to your cart

LockBit Ransomware - Public Case #27244

LockBit Ransomware - Public Case #27244

Difficulty: Medium

Important: Choose the Correct License Type

Personal License

Enterprise License

Customer Reviews

Country/region

LockBit Ransomware - Public Case #27244

LockBit Ransomware - Public Case #27244

Difficulty: Medium

Important: Choose the Correct License Type

Personal License

Enterprise License

Customer Reviews

Subscribe to our emails