Forum Discussion

Bronze II

20 days ago

Solved

SOC Analyst – Advanced / Malware Analysis / CookieMiner

The task 6 says "Use strings to recover a Base64 string from the memory image and decode it."
The output of strings vs memory image produces a file with about 4M strings, typical grep for base64 "compatibility" reduces the size but not drastically.

Is there a chance to get a hint on how to proceed?

immersive labs

vtomilin
19 days ago
All good, the answer is in the question "Use strings to recover a Base64 string from the memory image and decode it.". Just needed a night to clear my mind.

3 Replies

SamDickison
Community Manager
20 days ago
Hmm, I haven't done that one but could it help to sort/search for unique, long strings? Likely to be malicious.

I can alway see if anyone here has completed it. They can probably help.
vtomilin
Bronze II
19 days ago
All good, the answer is in the question "Use strings to recover a Base64 string from the memory image and decode it.". Just needed a night to clear my mind.
- SamDickison
  Community Manager
  19 days ago
  Nice. Sleep does wonderful things.

Forum Discussion

SOC Analyst – Advanced / Malware Analysis / CookieMiner

3 Replies

Featured Places

Help

Related Content

Advanced CTF Challenge: Hardened Maze

Advanced CTF Challenge: Serial Maze

Advanced CTF Challenge: Improbable Maze

Advanced CTF Challenge: Inner Maze

Malicious Document Analysis: Dropper Analysis

Recent Discussions

Threat Research: Dependency Confusion lab -Listener not showing a successful connection with target server

Help with Snort Rules: Fake Tech Support Popup

Gemini CLI Lab issue

No files show up in the Microsoft Azure Basics: Function Apps lab

AI Plugin Injection