Basic Malware RE

Tools : Ghidra

Strings :: Challenge 1

For the first challenge the flag can be easily obtained from examining the entry function.
Use the strings and grep command to get the flag easily.

Strings :: Challenge 2

The clues in the second challenge are stored in each variable , use a hex converter to find the flag.

Strings 3 :: Challenge 3

Hex 0x110 = Decimal 272

In Ghidra –> Windows –> Define Strings and look for the Rsrc String ID 272 for the flag.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Comments (



%d bloggers like this: