-
Notifications
You must be signed in to change notification settings - Fork 6
/
challenge.yml
42 lines (33 loc) · 1.18 KB
/
challenge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
---
name: Where all problems starts 3/4
author: Worty
category: Forensics
description: "The malware was therefore custom and specifically targeted this company, so there is no way to use known databases to identify its different keys...
This malware seems to act like a droper for another ones, but we are not really sure.. could you find some informations to confirm that ?
/!\ WARNING : This challenge contains malicious file that can harm your computer ! Do not run them on your host machine ! I am not responsible for any potential damage to your machine. /!\
- [Download file](https://drive.google.com/file/d/1Y5Szq3GnfmfaMoTubeSTGtokdqeZ7dwm/view?usp=sharing)
Flag format : Hero{ip:port-malware_filename-name_of_another_malicious_file}
```
md5sum memory.7z : 1e8a55623872470b1b2e65f8434f0ab4
md5sum memory.dmp : 68375e94aee415c5b3df7aaaf99db59f
```
Format : Hero{}<br>Author : Worty"
value: null
type: dynamic
extra:
initial: 500
decay: 100
minimum: 50
image: null
host: null
flags:
- {
type: "static",
content: "Hero{161.97.163.247:80-bc.ps1-VfZF}",
data: "case_insensitive",
}
tags:
- medium
- forensics
state: visible
version: "0.1"