Instructions
Using the memory dump file from Window Pains, submit the victim’s computer name.
Submit the flag as flag{COMPUTER-NAME}.
Prerequisites
Python requirements.txt:
volatility3
yara-python
pycryptodome
capstone
Solution
Use volatility to list the environment variables and grep for the appropriate variable.
