TryHackMe | Disk Analysis & Autopsy Walkthrough
Ready for a challenge? Use Autopsy to investigate artifacts from a disk image. Link - https://tryhackme.com/room/autopsy2ze0 Login and load the case in Autopsy as instructed What is the MD5 hash of the E01 image? 3f08c518adb3b5c1359849657a9b2079 What is the computer account name? Find this in Extracted Content -->Operating System Information section DESKTOP-0R59DJ3 List all the user accounts. (alphabetical order) Check the Operating System User Account section:- H4S4N,joshwa,keshav,sandhya,shreya,sivapriya,srini,suba Who was the last user to log into the computer? Sort by “Date Accessed” sivapriya What was the IP address of the computer? Check Look@LAN in Program Files(x86) files . Look@Lan is an advanced network monitor. 192.168.130.216 What was the MAC address of the computer? (XX-XX-XX-XX-XX-XX) 08–00–27–2c-c4-b9 Name the network cards on this computer. Search for the word Ethernet in Keyword Search:- Intel(R) PRO/1000 MT Desktop Adapter What is the name of the network monitor