User details : DFIR CTF - Ransomware ate my network! - Mellivora, the CTF engine

Level 1: Domain controller, 225 / 850 (26%)

Level 2: W10-PC3, 200 / 1,050 (19%)

Level 3: W10-PC5, 0 / 1,150 (0%)

Total: 425 / 3,050 (13.9%)

Challenge	Solved	Points
08. What EXACT authentication data from dom.adm account has been compromised ? (Level 2: W10-PC3)	#84, 5 years, 2 months after release (2026-02-03 15:33:01)	200
03. At what time can you see a logon type 10 user login on the domain controller? (Level 1: Domain controller)	#170, 5 years, 2 months after release (2026-02-03 09:37:39)	50
02. At which time can the second malicious GPO be considered as loaded and ready to be applied? (Level 1: Domain controller)	#176, 5 years, 2 months after release (2026-02-03 09:16:00)	100
01- What is the name of the first anomalous GPO? (Level 1: Domain controller)	#176, 2 years, 11 months after release (2026-02-03 09:14:40)	75