Ransomed Blue Team Challenge

Category : Malware Analysis

4.3

Difficult

What is the md5 hash of the file?

Weight : 50 | Solved : 676

What is the value of entropy?

Weight : 50 | Solved : 599

What is the number of sections?

Weight : 50 | Solved : 631

What is the entropy of the .text section?

Weight : 50 | Solved : 589

What is the name of the technique used to obfuscate string?

Weight : 100 | Solved : 367

What is the API that used malware allocated memory to write shellcode?

Weight : 100 | Solved : 338

What is the protection of allocated memory?

Weight : 100 | Solved : 279

What assembly instruction is used to transfer execution to the shellcode?

Weight : 150 | Solved : 207

What is the number of functions the malware resolves from kernel32?

Weight : 100 | Solved : 251

Q10

The malware obfuscates two strings after calling RegisterClassExA. What is the first string?

Weight : 100 | Solved : 195

Q11

What is the value of dwCreationFlags of CreateProcessA?

Weight : 100 | Solved : 184

Q12

Malware uses a process injection technique. What is the name of it?

Weight : 100 | Solved : 242

Q13

What is the API used to write the payload into the target process?

Weight : 100 | Solved : 227

Instructions:

Uncompress the challenge (pass: cyberdefenders.org)

Scenario:

After a successful breach, A SOC analyst found an executable, but they could not know what it does, so they sent it to you for further analysis.

Tools

Stuck? Don't worry

We've got you covered! 🛠️ Head over to the community lab channel for guidance #ransomed channel

SHA1SUM:

74a7da23e602f66e768d34763c91a17502bdd9b3
Password:

cyberdefenders.org
Size:

961 KB
Published:

Jan. 28, 2022, midnight

First blood

th3c0rt3x

610 days ago

Last solve

Waled_Alhus…

5 days ago

Ransomed Blue Team Challenge

Category : Malware Analysis

Malware Analysis

Reverse Engineering

Threat Hunting

Scenario:

Tools

Stuck? Don't worry

First blood

Last solve

Blog

Media Kit

Store

Careers

Ransomed Blue Team Challenge

Category : Malware Analysis

Malware Analysis

Reverse Engineering

Threat Hunting

Scenario:

Tools

Stuck? Don't worry

First blood

Last solve