Author Archives: littlefater

This challenge is an easy one. It contains two files, one is a Windows Portable Executable file and another one is a PCAP file. Let’s look at the PCAP file at first: In the PCAP file we can see a … Continue reading →

File youPecks is a 32 bit Windows Portable Executable file packed with UPX (according to the section name). And it can be unpacked with the UPX utility: When executes the unpacked file, it only prints out a strange expression “2 … Continue reading →

The first thing you may noticed for this challenge is that the file size is much larger than the previous challenges, it is about 12 MB! However, from the section table we can find that the size of the PE image … Continue reading →

The file of challenge 2 named very_success, it is a 32 bit Windows Portable Executable file which probably written in Assembly Language. The workflow of this program is very similar to the i_am_happy_you_are_to_playing_the_flareon_challenge.exe in challenge 1. It will read a … Continue reading →

When you analyze a file, the first thing is probably to understand the type of the file. If you are familiar with Windows, I believe you can recognize the file type of the first challenge just by looking at its icon: Yes, … Continue reading →