Ghost Process4_B

Memory Forensic 100 pts standard
Challenge Description

Q4 — Process That Performed the Injection

The attacker used a scripting engine to inject shellcode into the target process — a living-off-the-land technique that leaves no file on disk.

What process performed the injection?

Flag format : HackCTF{PROCESS.EXE}

Correct answer unlocks Q5 — Memory Protection of Injected Code.

Submit Flag

Login to submit a flag.

← All Challenges