ALPHV Ransomware - Public Case #24952
ALPHV Ransomware - Public Case #24952
This case is based on an advanced, multi-stage intrusion that began in October 2023. You will be examining an intrusion that progressed through all stages and resulted in the deployment of ransomware.
To read more about DFIR Labs click here.
Your access time starts at purchase time. You will receive an email within 5 minutes of purchase with instructions on how to connect to the lab. Enjoy!
Disclaimer
All information in the DFIR Labs and analysis of that information shall be treated as TLP:RED. This classification mandates that the information is not shared publicly or privately without explicit permission from The DFIR Report.
The difficulty of each DFIR Lab case is inherently subjective and may vary based on the participant’s individual skills and experience.
Share
No more than 15 minutes after purchase, I was able to access the lab. I picked the Splunk option -- A getting started guide was included and it allowed me to jump straight in to start poking at the data.
This is an excellent resource for beginner responders looking for hands-on experience, and experienced responders looking for access to high-profile threat actor TTPs.