The Honeynet Project is proud to present our third Forensic Challenge 2010 created by Josh Smith and Matt Cote from The Rochester Institute of Technology Chapter, Angelo Dell’Aera from the Italian Chapter and Nicolas Collery from the Singapore Chapter. This challenge is a bit different than the previous two, as it involves investigating a memory image of an infected virtual machine. Read all the questions for this challenge over at the main blog and submit your answers by 17:00 EST, Sunday, April 18th 2010. Good luck!
UPDATE (12.Apr): There are now additional third-party incentives to participate in this forensics challenge. Both Volatile Systems and MANDIANT are offering their own prices to the top three winners that apply their memory analysis tools; The Volatility Framework, Memoryze and Audit Viewer respectively. But remember, there are now only a few days left until deadline, so get moving!
UPDATE (19.Apr): The submission deadline for this challenge has been extended till April 26th.
UPDATE (14.May): The solution and the winners of this challenge is available here.
The solution and winners of the second challenge are shown here.