Attackers started recently to use Microsoft OneNote file to distribute malwares by email. I’ve decided to take a to public sample and analyse it (Thanks @pr0xylife for sharing it !). To proceed, I’ll use my Malware Analysis Lab as described here. I’ll start with a static analysis of the file to discover what will be […]
From OneNote to Quakbot (BB12) Read More »
This is a small write-up of the “Sniffed Traffic” challenge from SEECTF 2022 (Forensics Category). Description : Author: EnyeiWe inspected our logs and found someone downloading a file from a machine within the same network.Can you help find out what the contents of the file are?For beginners: https://www.javatpoint.com/wiresharkMD5: 71cd3bdbecece8d7919b586959f2d3b7 Solution : Once the capture file
SEETF 2022 – Sniffed Traffic Read More »
This is a small write-up of the “Torrent Analyze” challenge from picoCTF 2022 (Forensics Category). The challenge is now available in picoGym here ! Description : SOS, someone is torrenting on our network. One of your colleagues has been using torrent to download some files on the company’s network. Can you identify the file(s) that
picoCTF 2022 – Torrent Analyze Read More »