← All Challenges

Ghost Process_B

Memory Forensic 100 pts standard

Challenge Description

Q1. What is the suspicious parent-child process relationship?

Flag format : HackCTF{PARENT.EXE_CHILD.EXE}

Files

↓ memory.raw ↓ memory_structure.txt ↓ profile_hint.txt

Submit Flag

Login to submit a flag.