Et tu, Hacker?

Instructions

Solution

First I dumped the evtx file to xml.

evtx_dump.py bruteforce.evtx > bruteforce.xml

Now I had a cleanly formatted file:

Looking through the logs, they all appear to be targeting user ericm.

Flag:

MetaCTF{ericm}

Next: The Best Laid Plans...