Huntress - 2025 on Eddak Inc.

Bussing Around

Thu, 09 Oct 2025 16:04:48 +0200

Challenge Name: Bussing Around
Category: Forensics
Challenge Description:
- One of the engineers noticed that an HMI was going haywire.
- He took a packet capture of some of the traffic but he can’t make any sense of it… it just looks like gibberish!
- For some reason, some of the traffic seems to be coming from someone’s computer. Can you help us figure out what’s going on?
File(s) Provided: Modbus traffic capture

The only communication on the capture are between two entities: 172.20.10.6 & 172.20.10.2 The .6 entity initiates the communication with .2.

Wed, 08 Oct 2025 16:04:48 +0200

Challenge Name: SANDY
Category: Malware
Challenge Description: My friend Sandy is really into cryptocurrencies! She’s been trying to get me into it too, so she showed me a lot of Chrome extensions I could add to manage my wallets. Once I got everything sent up, she gave me this cool program! She says it adds better protection so my wallets can’t get messed with by hackers. Sandy wouldn’t lie to me, would she…? Sandy is the best!
File(s) Provided: Windows Executable (malware)

The file we are analyzing is an UPX packed exe file.

Tue, 07 Oct 2025 16:04:48 +0200

Challenge Name: Beyblade
Category: Forensics
Challenge Description:
- Sheesh! Some threat actor sure did let it rip on this host! We’ve been able to uncover a file that may help with incident response.
- 1. The password to the ZIP archive is beyblade.
- 1. This challenge has the flag MD5 hash value separated into chunks. You must uncover all of the different pieces and put them together with the flag{ and } suffix to submit.
File(s) Provided: Windows Registry
Hint(s):
- Flag divided into several pieces.