re

Love letter

Punkty: 338
Rozwiązań: 8

As a SOC analyst, I regularly receive suspicious binaries. I forward them to our malware analyst, but lately his replies have been...odd.
Every time, he just says:

"Win32/Loveletter. Nothing new."

No reports. No details. Just that.

I've searched everywhere - no malware with that name exists in any database. And yeah, I remember the good old days but binaries don't match anything from the old ILOVEYOU worm.

Something's not right. Is our analyst hiding something? Or is "Win32/Loveletter" just a cover?

Could you take a closer look yourself and reverse the binary?

loveletter.exe 147 KB

Format flagi: ecsc25{litery_cyfry_i_znaki_specjalne}.
W razie wątpliwości lub pytań dotyczących konkursu zapraszamy na naszego Discorda: https://discord.gg/gAtRKa2rcn.

Aby wysłać flagę, musisz się zalogować.