This challenge has two phases. The first one involves creative thinking and research. The second one is live malware and reversing. Instructions and hints are built in.

Rules and things you’ll need:

1. You need an isolated environment with a Windows Vista/7/10 VM guest and a snapshot. On the VM, disable any AV and the Windows firewall. Create a shared directory on the host system to save files/work; it will need to be excluded from AV on the host. If your VM gets hosed, just revert it.

2. Do not work with or run ANY of the files on business systems or networks.

3. Do not upload the files to ANY analysis sites, or sites that distribute data unless a site is provided within the challenge.

The system has a bit of security on it. Scanning will most likely get you blocked, but have at it.

Phase 1: https://mattclemons.com/theartoftrolling/

Dig into the site and see what you can find out. There are many pages and links that will lead you to phase 2.

If you need hints, run into any issues, or find the solution, please leave a comment with your email address, and I’ll get back to you.

