Malware 1/3
A challenge from FCSC
Resolution : First of all, we have a file ”snapshot.sav” wich is a memory dump. We know that this file contains a program which can encrypt ”/home/%USER%/Desktop/flag.txt”. That means it’s a linux memory dump. We need to find the username, the hostname and the command line which encrypts the flag....
[Read More]