# Team Country Points
1 Traxos es 2,125
2 Meta af 2,025
3 H0nt3 es 850
4 Crow es 650
5 Gremlins es 650
6 Riddler es 550
7 BootCamp Rooted 2023 es 500
8 Bururu es 475
9 Mack es 425
10 AP es 400
11 BRVT3F0RC3 ie 175
12 Carlos es 175
13 N/A es 175
14 Coffee Enjoyer es 175
15 DGF_JC es 0
16 MF es 0
17 Rafban dz 0
18 AFRDP es 0
19 Akna es 0
20 Tream-O365 ad 0
21 Frederico es 0
22 Replicador es 0
23 BOR es 0
# Team Country Points
1 PhineasFisher kp 2,125
2 crisix es 2,125
3 JuanXXIII es 2,125
4 atila mw 2,125
5 cpou es 2,125
6 mary4 es 2,125
7 Xeyuin es 2,025
8 JonDoe es 1,875
9 Ps es 1,850
10 mer es 1,825
11 BXVI es 1,825
12 Ellendar es 1,775
13 aillusion es 1,725
14 fernandogf es 1,625
15 martafg es 1,550
16 bikthor es 650
17 cikixa7241 es 575
18 Rivery es 450
19 RootedR es 150
20 xunta2024 es 0
21 RootedCom24 es 0
22 usuario1 es 0
Level 1: MINAF-PC7 Points Solved by First solvers
1.1 At which time did María José Feliz create the document "World_Happiness_Plan.docx" on her computer? 50 72% First to solve this challenge!SiCk-Boy
Second to solve this challenge!adriandlhc
Third to solve this challenge!bomoca
1.2 Which file generated the most recent AV alert? 50 86% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.3 If you look carefully in the user folder, you'll see some suspicious compressed files. What final extension is the most used? 50 93% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.4 Which payload do these files have? 75 72% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.5 In that folder there is DEFINITELY another file that Windows Defender strongly dislikes. Which one? 50 88% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!adriandlhc
Third to solve this challenge!bomoca
1.6 Where did all these malware was downloaded from? 75 81% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.7 Which user advises Maria Jose Files to "install" everything? 125 81% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
1.8 How many times have been the compressed payload successfully executed? 100 51% First to solve this challenge!SiCk-Boy
Second to solve this challenge!adriandlhc
Third to solve this challenge!Crow
1.9 María José Feliz shared this document with other user. Which one? 75 70% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
Level 2: Alert! Emergency! Points Solved by First solvers
2.1 María José Feliz shared this file with an user ... who reshared it with a third user. Who? 75 67% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.2. When did the attackers got the World_Happiness_Plan.docx? 100 53% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.3 ... and from which IP address? 50 56% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!adriandlhc
2.4 The attackes have given themselves permissions over two Sharepoint sites. Who are their owners? 75 56% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!H0nt3
2.5 Attackers also created an email rule that filtered out some keywords. Which ones? 75 47% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
2.6 To expand their activities, the attackers have obtained full access to some mailboxes. Which ones? 75 49% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
2.7 Attackers have left a privileged backdoor to MINAF's O365. Which form does it take? 125 49% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
2.8 When the attackers did first successfully use the stolen account ? 75 53% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Traxos
Third to solve this challenge!Meta
2.9 Which in the "innocent" password of the compromised account ? 100 56% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!Traxos
Level 3: We're not happy Points Solved by First solvers
3.1 Attackers have tricked someone to consent the installation of something. What is its name? 125 58% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Coffee Enjoyer
3.2 Who fooled this user to install the "thingy" ? 75 58% First to solve this challenge!h4cK_3nD-B3Er5
Second to solve this challenge!SiCk-Boy
Third to solve this challenge!Meta
3.3 This kind of attack is EXACTLY called ... 100 44% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.4 The compromised user have connecting from another countries ... Which one is the most frequent? 50 53% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.5 The attackers are nice tricksters because they also fooled this user. Which URL did they make him/her click? 100 40% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.6 Before this successful attack, they tried another one, more sneaky but unsucessful. Could you tell the "code" they used? 100 37% First to solve this challenge!Traxos
Second to solve this challenge!Meta
Third to solve this challenge!Manny Rivera
3.7 From which REAL domain was this last attack launched? 75 49% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos
3.8 In what time the attackers first set foot on MINAF's O365 infrastructure? 100 40% First to solve this challenge!SiCk-Boy
Second to solve this challenge!Meta
Third to solve this challenge!Traxos