# Team Country Points
1 Traxos es 2,125
2 Meta af 2,025
3 A por ello es 1,625
4 H0nt3 es 850
5 Crow es 650
6 Gremlins es 650
7 Riddler es 550
8 BootCamp Rooted 2023 es 500
9 Bururu es 475
10 Mack es 425
11 AP es 400
12 BRVT3F0RC3 ie 175
13 Carlos es 175
14 N/A es 175
15 Coffee Enjoyer es 175
16 Juan Carlos López Díaz es 100
17 Akna es 0
18 Tream-O365 ad 0
19 Frederico es 0
20 Replicador es 0
21 BOR es 0
22 DGF_JC es 0
23 MF es 0
24 Rafban dz 0
25 AFRDP es 0
# Team Country Points
1 PhineasFisher kp 2,125
2 crisix es 2,125
3 JuanXXIII es 2,125
4 cpou es 2,125
5 atila mw 2,125
6 mary4 es 2,125
7 Xeyuin es 2,025
8 JonDoe es 1,875
9 Ps es 1,850
10 mer es 1,825
11 BXVI es 1,825
12 Ellendar es 1,775
13 aillusion es 1,725
14 fernandogf es 1,625
15 martafg es 1,550
16 bikthor es 650
17 cikixa7241 es 575
18 Rivery es 450
19 RootedR es 150
20 xunta2024 es 0
21 RootedCom24 es 0
22 usuario1 es 0
# Team Country Points
1 APF46 it 2,125
2 BOTS es 2,125
3 spr es 1,975
4 user es 1,975
5 Team Kakamora es 1,975
6 Pandrades es 1,925
7 L es 1,875
8 notFound es 1,850
9 V3ga es 1,800
10 Peritus es 1,750
11 Gerardo es 1,725
12 mips es 1,600
13 Gustavo A. Iglesias es 1,575
14 Road Runner es 1,525
15 CMG es 1,475
16 crispuga es 1,125
17 Zapper es 875
18 Team Red es 650
19 Worldsleaks es 550
20 Angel es 550
21 daniMM al 525
22 IES TEIS es 475
23 ProfeAFIteis es 475
24 Jeiro es 475
25 Claudio Bernardez Duran es 425
26 Dani es 350
27 cuernomax2 es 275
28 cora es 150
29 Antoniiio es 50
30 probandoverano es 0
31 Teis es 0
Level 1: MINAF-PC7 Points Solved by First solvers
1.1 At which time did María José Feliz create the document "World_Happiness_Plan.docx" on her computer? 50 78% First to solve this challenge!SiCk-Boy
Second to solve this challenge!adriandlhc
Third to solve this challenge!bomoca
1.2 Which file generated the most recent AV alert? 50 90% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.3 If you look carefully in the user folder, you'll see some suspicious compressed files. What final (real) extension is the most used? 50 91% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.5 In that folder there is DEFINITELY another file that Windows Defender strongly dislikes. Which one? 50 80% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!adriandlhc
Third to solve this challenge!bomoca
1.4 Which payload do these files have? 75 73% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.6 Where did all these malware was downloaded from? 75 77% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.9 María José Feliz shared this document with other user. Which one? 75 65% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.8 How many times have been the compressed payload successfully executed? 100 49% First to solve this challenge!SiCk-Boy
Second to solve this challenge!adriandlhc
Third to solve this challenge!Crow
1.7 Which user advises Maria Jose Files to "install" everything? 125 78% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
Level 2: Alert! Emergency! Points Solved by First solvers
2.3 ... and from which IP address? 50 47% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.1 María José Feliz shared this file with an user ... who reshared it with a third user. Who? 75 57% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.4 The attackes have given themselves permissions over two Sharepoint sites. Who are their owners? 75 49% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!H0nt3
2.5 Attackers also created an email rule that filtered out some keywords. Which ones? 75 46% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
2.6 To expand their activities, the attackers have obtained full access to some mailboxes. Which ones? 75 47% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
2.8 When the attackers did first successfully use the stolen account ? 75 53% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Traxos
Third to solve this challenge!Meta
2.2. When did the attackers got the World_Happiness_Plan.docx? 100 49% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.9 Which in the "innocent" password of the compromised account ? 100 49% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!Traxos
2.7 Attackers have left a privileged backdoor to MINAF's O365. Which form does it take? 125 47% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
Level 3: We're not happy Points Solved by First solvers
3.4 The compromised user have connecting from another countries ... Which one is the most frequent? 50 48% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.2 Who fooled this user to install the "thingy" ? 75 52% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!Meta
3.7 From which REAL domain was this last attack launched? 75 42% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.3 This kind of attack is EXACTLY called ... 100 46% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.5 The attackers are nice tricksters because they also fooled this user. Which URL did they make him/her click? 100 30% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.6 Before this successful attack, they tried another one, more sneaky but unsucessful. Could you tell the "code" they used? 100 29% First to solve this challenge!Traxos
Second to solve this challenge!Meta
Third to solve this challenge!Manny Rivera
3.8 In what time the attackers first set foot on MINAF's O365 infrastructure? 100 38% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.1 Attackers have tricked someone to consent the installation of something. What is its name? 125 52% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Coffee Enjoyer