Flare-on 3 - Challenge 2
· ☕ 4 min read · ✍️ suidroot
This is a post in a series where I complete every Flare-on challenge. The landing page for all of these posts can be found here The archive for this challenge included 2 files. BusinessPapers.doc: data DudeLocker.exe: PE32 executable (console) Intel 80386, for MS Windows I first took a look at the .doc file and it looks to be random data. After doing some initial analysis on the executable file, I found many references to encryption routines in the imports.