Monthly Archives: September 2015

This is the final challenge and it is said to be more difficult than the previous challenges. The file of this challenge named CryptoGraph, which is a 32 bit Windows Portable Executable file. Let’s analyze it in IDA at first. … Continue reading →

This challenge contains a large Windows Portable Executable File which is nearly 3.4 MB. It is usually difficult to reverse engineering such a large file. However, if you have noticed the special resource embedded into this file, things will become … Continue reading →

This challenge contains a Windows Portable Executable file in a very small size (4,608 bytes), typically, this kind of files is written in Assembly Lagrange. If you load this file into IDA, you may notice that the file is badly … Continue reading →

When you open this challenge directly in IDA, you may as disappointed as me, there is only a few code available at the Entry Point and they seems do nothing useful: However, if you open this file in a text editor, … Continue reading →

This challenge is a .NET application. There are many tools to decompile a .NET application and here I use the ILSpy. A quick look at the decompile result I found that this application is probably obfuscated by SmartAssembly : There … Continue reading →