Cybertek CTF — Malsou9a
Full analysis of a .NET malware implant found in a memory dump — from DLL extraction and AES key recovery to C2 communication, PDF payload analysis, and JavaScript deobfuscation to retrieve the flag from Azure Blob Storage.
Forensics, malware analysis, incident response, and more from competitions worldwide.