Page 3 of 7
A new black market has appeared and has been targeted by the FBI. After checking for suspicious posts on stackoverflow and finding nothing, they give up and are offering a bounty to anyone who can get information on the server that is hosting the hidden service.
On a client computer of a merchandise transport company, an employee realized that a command prompt containing commands appeared on the screen. The company contacted NianSec, a computer security company to assess the risk. John, trainee, was tasked to retrieve the memory of the windows system. By mistake, he only extracted the pagefile of the system before turning off the machine. You must retrace the attack and understand what happened on the machine.