Luciafer's TOTAL Disaster
Challenge:
Luciafer should learn to follow directions! Her "cryptoware" is a TOTAL disaster! She didn't realize that her choice of encryption algorithm, although a common encryption algorithm for hiding POCs from analysts because of its simplicity and lack of an obvious signature, is terrible for cryptoware!
Do some basic analysis on her malware and see what information you can come up with. There are some great, easy-to-use tools that can help a burgeoning malware analyst.
Solution:
The challenge description asking to "do some basic analysis" with a tool for a "burgeoning malware analyst" made us think of VirusTotal. We calculated the MD5 hash of the binary and conducted a search on VirusTotal.
$ md5sum zealotcrypt-01.exe
5e7463d1cd0e5d32ffff7f5ecdeba623 zealotcrypt-01.exe
There was a single comment on the Community tab that contained the flag: