Flare-on 3 - Challenge 2
· ☕ 4 min read · ✍️ suidroot
This is a post in a series where I complete every Flare-on challenge. The landing page for all of these posts can be found here
The archive for this challenge included 2 files.
BusinessPapers.doc: data
DudeLocker.exe: PE32 executable (console) Intel 80386, for MS Windows
I first took a look at the .doc file and it looks to be random data.
After doing some initial analysis on the executable file, I found many references to encryption routines in the imports.