GusC
Bronze III
2 months agoMalware Analysis: Shlayer
I've done the first 2 questions but stuck on the 3rd - what is the XOR key?
Is this found in the first or second stage 7z compressed file? and....the lab description mentions Cyberchef - is this available in the lab? (as you cannot copy and paste out of this lab)
I just have this and the Qakbot one to complete than I have the "malware analysis badge"
Mmmhh, i looked at the lab to help you. Noticed it was a hard one. Tried what was in my mind for the xor-key and it was right. This key only has 2 chars. A number and a letter. Try searching for ^ in ghidra.
good luck :)