Trainings Samples

Samples

Clear

SHA256	Author	Difficulty	Tags	Goal	Solutions	Comments	Created
`1c33eef0d22dc54bb2a41af485070612cd4579529e31b63be2141c4be9183eb6`	struppigel	easy	loader stage 1 bloated zpaq	This file has an unusual archive format. Figure out how to extract it. Then debloat the sample and determine how [the next stage](https://samplepedia.cc/sample/c2c466e178b39577912c9ce989cf8a975c574d5febe15ae11a91bbb985ca8d2e/80/) is decrypted or decoded. After that continue analysis of [the next stage](https://samplepedia.cc/sample/c2c466e178b39577912c9ce989cf8a975c574d5febe15ae11a91bbb985ca8d2e/80/).	—	0	27 Jan 2026
`56f5623daa470bee190ae0ecd961be8e6df71c8da1ccf7b268fe876b84c183d9`	struppigel	easy	loader msoffice openxml vsto add-in	Where does this file load the next stage from?	3	3	20 Jan 2026
`29325e23a684f782db14a1bf0dc56c65228e666d1f561808413a735000de3515`	struppigel	easy	loader msoffice external template openxml	Where does this file load the next stage from?	2	0	20 Jan 2026
`0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f`	larsborn	easy	obfuscation	Write a Ghidra script to defeat the code obfuscation int his sample.	1	0	13 Jan 2026
`4eb33ce768def8f7db79ef935aabf1c712f78974237e96889e1be3ced0d7e619`	larsborn	easy	string deobfuscation	Identify and reverse engineer the string deobfuscation function. Bonus points if you can write a Ghidra script to emulate it.	1	0	13 Jan 2026
`55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396`	0xdeluks	easy	string deobfuscation .net rat almondrat	Deobfuscate the strings and identify the functionality of all commands.	2	3	05 Jan 2026
`13063a496da7e490f35ebb4f24a138db4551d48a1d82c0c876906a03b8e83e05`	malcat	easy	loader emulation office cve-2018-0798	Extract the next stage download url	1	0	04 Jan 2026
`15180ee9f6a8682b24a0d5cb0491bb4e09d457bfab5a24ec1fcb077dab59773b`	malcat	easy	.net	Unpack the payload and identify the final malware family using static analysis.	1	0	04 Jan 2026
`9887f1e95b4e11825941bd207400d1cc1580a7d438969f6c8d8c656551d339e2`	struppigel	easy	loader macro office	Figure out the download URL of this malware with static analysis	2	0	04 Jan 2026
`482a8b7ead1e07ac728e1e2b9bcf90a26af9b98b15969a3786834d6e81d393cd`	struppigel	easy	batch2exe screenlocker	What's the password for the screenlocker? Extract the code.	1	1	26 Dec 2025
`aad0a60cb86e3a56bcd356c6559b92c4dc4a1a960f409fb499cf76c9b5409fdb`	struppigel	easy	worm c++	Markup the sample in Ghidra/IDA/Binary Ninja	—	0	26 Dec 2025

Page 1 of 1