Luciafer's TOTAL Disaster

Challenge:

Luciafer should learn to follow directions! Her "cryptoware" is a TOTAL disaster! She didn't realize that her choice of encryption algorithm, although a common encryption algorithm for hiding POCs from analysts because of its simplicity and lack of an obvious signature, it is terrible for cryptoware!

Do some basic analysis on her malware and see what information you can come up with. There are some great, easy to use tools that can help a burgeoning malware analyst.

Luciafer's Cryptoware Binary

Solution:

The challenge description asking to "do some basic analysis" with a tool for a "burgeoning malware analyst" made us think of VirusTotal. We calculated the MD5 hash of the binary and conducted a search on VirusTotal.

$ md5sum zealotcrypt-01.exe 
5e7463d1cd0e5d32ffff7f5ecdeba623  zealotcrypt-01.exe

There was a single comment on the Community tab that contained the flag:

Published:

Updated:

Leave a comment