Category: Reverse Engineering
-
Safecracker – Hack The Box
Safecracker is an insane difficulty set of malware analysis challenges based on a ransomware virus. The description is “We recently hired some contractors to continue the development of our Backup services hosted on a Windows server. We have provided the contractors with accounts for our domain. When our system administrator recently logged on, we found…
-
Lockpick4.0
Lockpick4.0 is an insane difficulty set of malware analysis challenges based on a ransomware virus. The description is “Forela.org’s IT Helpdesk has been receiving reports from employees experiencing unusual behaviour on their Windows systems. Within 30 minutes, the number of affected systems increased drastically, with employees unable to access their files or run essential business…
-
Lockpick3.0
Lockpick3.0 is a hard difficulty set of malware analysis challenges based on a ransomware virus. The description is “The threat actors of the Lockpick variant of Ransomware seem to have increased their skillset. Thankfully on this occasion they only hit a development, non-production server. We require your assistance performing some reverse engineering of the…
-
Lockpick2.0
Lockpick2.0 is a hard difficulty set of malware analysis challenges based on a ransomware virus. The description is “We’ve been hit by Ransomware again, but this time the threat actor seems to have upped their skillset. Once again they’ve managed to encrypt a large set of our files. It is our policy NOT to…
-
Lockpick
Lockpick is an easy difficulty set of malware analysis challenges based on a ransomware virus. The description is “Forela needs your help! A whole portion of our UNIX servers have been hit with what we think is ransomware. We are refusing to pay the attackers and need you to find a way to recover the…
-
Subatomic Part 2
If you have not read part one, go do it here: https://bu5hv1p3r.wordpress.com/2024/10/31/subatomic-part-1/ In this part we will be deobfuscating the malware and answering the rest of the questions. In the last post we ended with the obfuscated JavaScript program. I originally tried to run it with the node modules that came with it when I…
-
Subatomic Part 1
Subatomic is a medium difficulty set of malware analysis challenges based on a virus passed around Discord. The description is “Forela is in need of your assistance. They were informed by an employee that their Discord account had been used to send a message with a link to a file they suspect is malware. The…
-
FlagCasino
FlagCasino is a very easy reversing challenge on Hack The Box. The description is “The team stumbles into a long-abandoned casino. As you enter, the lights and music whir to life, and a staff of robots begin moving around and offering games, while skeletons of prewar patrons are slumped at slot machines. A robotic dealer…
-
Hissss
Hissss is an easy reversing challenge on Hack The Box. The description is “Can you slither around the authentication?” I have officially run out of my backlog of challenges so writeups will come not as often now. As always let’s run file on this program. Nothing crazy here, so let’s open it up in Binary…
-
Sekure Decrypt
Sekure Decrypt is an easy reversing challenge on Hack The Box. The description is “Timmy created a secure decryption program” First things first, let’s run file on the binary to see what we are working with. Actually, this time we do not need to. We are given a core file, a binary, and the source…
