File: Ludus.zip ... File

Check the Run registry keys or Startup folder for links to the extracted payload.

Use the pstree or malfind plugins to locate the injected code. File: Ludus.zip ...

Below is a comprehensive write-up of the forensic analysis and solution for this challenge. Executive Summary Check the Run registry keys or Startup folder