55901c2d5489d6ac5a0671971d29a31f4cdfa2e03d56e18c1585d78547a26396 | 0xdeluks | easy | | Deobfuscate the strings and identify the functionality of all commands. | 2 | | 3 | 05 Jan 2026 |
0b38ca277bbb042d43bd1f17c4e424e167020883526eb2527ba929b2f0990a8f | larsborn | medium | | Circumvent unnecessary API calls by NOPing them out | 1 | | 0 | 05 Jan 2026 |
61f8224108602eb1f74cb525731c9937c2ffd9a7654cb0257624507c0fdb5610 | humpty_tony | medium | | Reconstructing the execution entrypoint of a DLL implant; Dealing with weird socket usage; Deriving crypto/obfuscation primitives from code; Map "capabilities" to specific code paths and artifacts; Recognize and analyze persistence | 1 | | 0 | 04 Jan 2026 |