✅ MALWARE - VeeBeeEee
Writeup by: @goproslowyo
Tags
- easy
Files:
Description
Author: @JohnHammond
While investigating a host, we found this strange file attached to a scheduled task. It was invoked with wscript or something… can you find a flag? NOTE, this challenge is based off of a real malware sample. We have done our best to “defang” the code, but out of abundance of caution it is strongly encouraged you only analyze this inside of a virtual environment separate from any production devices. Download the file(s) below.
Writeup
The file is an “encoded” VBScript. Mr. Hammond helpfully provides a tool for decoding it in his GitHub repos.
Once you’ve got the script decoded, you’ll quickly find the flag linked on a pastebin site.
flag{ed81d24958127a2adccfb343012cebff}