Remotely Administrated Evil 3
Challenge:
What type of malware infection is Example 1?
Submit as flag{infection name}. Use the file from Remotely Administrated Evil.
Solution:
My custom Zeek script auto-extracted files during the Remotely Administrated Evil 1 challenge, so I grabbed the MD5 hash (91506bc2a51501164b6a2b0c18ad1c44) of the malware and searched various malware analysis services. ANY.RUN had the sample tagged as NetWire, making the completed flag flag{NetWire}.
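The hash-collection step can be scripted. The following is an added example, not the author's Zeek script: it reads a Zeek files.log and returns the MD5 of every transferred Windows executable, ready to look up in a malware analysis service. The log excerpt is constructed with a reduced field set; only the MD5 on the executable row comes from this write-up, and the function name `executable_hashes` is hypothetical.

```python
# Pull MD5 hashes of transferred executables out of a Zeek files.log (TSV).
# Column positions are read from the "#fields" header, so the parser does
# not depend on which Zeek version or field set produced the log.

def tsv(*cols):
    return "\t".join(cols)

# Constructed sample log. Addresses, fuids, timestamps and MIME types are
# made up; only the MD5 on the second data row is taken from the write-up.
SAMPLE_FILES_LOG = "\n".join([
    "#separator \\x09",
    tsv("#unset_field", "-"),
    tsv("#path", "files"),
    tsv("#fields", "ts", "fuid", "tx_hosts", "rx_hosts", "source",
        "mime_type", "md5", "extracted"),
    tsv("1600000000.1", "FAAAA1", "192.0.2.10", "198.51.100.5", "HTTP",
        "text/html", "-", "-"),
    tsv("1600000001.2", "FBBBB2", "192.0.2.10", "198.51.100.5", "HTTP",
        "application/x-dosexec", "91506bc2a51501164b6a2b0c18ad1c44",
        "extract-FBBBB2.exe"),
    tsv("1600000002.3", "FCCCC3", "192.0.2.20", "198.51.100.5", "HTTP",
        "image/png", "00000000000000000000000000000001", "-"),
    # Executable seen, but the MD5 analyzer produced no hash for it.
    tsv("1600000003.4", "FDDDD4", "192.0.2.30", "198.51.100.5", "HTTP",
        "application/x-dosexec", "-", "-"),
])

def executable_hashes(log_text, mime_prefixes=("application/x-dosexec",)):
    fields, unset, hits = None, "-", []
    for line in log_text.splitlines():
        if line.startswith("#"):
            key, _, rest = line[1:].partition("\t")
            if key == "fields":
                fields = rest.split("\t")
            elif key == "unset_field":
                unset = rest
            continue
        if not line or fields is None:
            continue
        row = dict(zip(fields, line.split("\t")))
        md5 = row.get("md5", unset)
        if md5 == unset:
            continue  # nothing to look up without a hash
        if row.get("mime_type", "").startswith(tuple(mime_prefixes)):
            hits.append({"md5": md5, "fuid": row["fuid"],
                         "sender": row.get("tx_hosts", unset),
                         "extracted": row.get("extracted", unset)})
    return hits

if __name__ == "__main__":
    for hit in executable_hashes(SAMPLE_FILES_LOG):
        print(hit["md5"], hit["sender"], hit["extracted"])
```

Rows without a hash are skipped rather than reported, so an executable that Zeek saw but did not hash still needs to be hashed from the extracted file on disk.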