As a SOC analyst, I regularly receive suspicious binaries. I forward them to our malware analyst, but lately his replies have been...odd.
Every time, he just says:"Win32/Loveletter. Nothing new."
No reports. No details. Just that.
I've searched everywhere - no malware with that name exists in any database. And yeah, I remember the good old days but binaries don't match anything from the old ILOVEYOU worm.
Something's not right. Is our analyst hiding something? Or is "Win32/Loveletter" just a cover?
Could you take a closer look yourself and reverse the binary?
Format flagi:
ecsc25{litery_cyfry_i_znaki_specjalne}
.
W razie wątpliwości lub pytań dotyczących konkursu zapraszamy na naszego Discorda: https://discord.gg/gAtRKa2rcn.