Tags: forensics volatility
Rating:
Use volatility to check processes, IE/cmdline history and MD5 the result to get the flag.
Full video walkthrough: https://www.youtube.com/watch?v=deg0CQwwN-M&t=2153s
I don't remember