This is a writeup of the Blue Team Labs Online challenge “Injection Series Part 3” I’m by no means an expert (far from it) but was able to navigate through the questions using these tools: cutter cyberchef and of course google Question 1) How many arguments does the sample take? …

Howdy y’all. This is a write up for Blue Team Labs Online challenge ‘Injection Series Part 4’. To complete this challenge, the tools I used were: PEstudio: Winitor Ghidra: Ghidra (ghidra-sre.org) CyberChef: CyberChef Additionally, all the questions can be answered via static analysis. Question 1) What is the process that…

Overview This is a writeup of the blueteamlabs.online challenge “Reverse Engineering — Another Injection”. This is a pretty straightforward challenge. It can all be solved via static analysis, with some light decoding in Cyber Chef. What is the language the program is written? During the static portion of the malware analysis, I loaded the binary into PEStudio. From there…

Overview This is a write up of the Security Blue Team Challenge “ Reverse Engineering — A Classic Injection” As always when dealing with malware, make sure you have an environment configured to properly examine/execute samples. To begin this challenge, I moved the file over to a Flare VM running in…

This is a write up of the Melissa challenge from https://blueteamlabs.online/. Melissa aka W97M.Melissa.A (Symantec) or Virus:W32/Melissa (F-Secure) is a macro virus dates back to March 26, 1999. Background Created in 1999 by a programmer named David Lee Smith, the Melissa Virus prompted increased focus in the cybersecurity space due to…

This is a write up of Blue Team Labs Online challenge, PowerShell Analysis — Keylogger (BTLO (blueteamlabs.online)) All you need for this challenge is a text editor. I prefer to use Visual Studio Code. At your own risk, feel free to change it from a .txt file to a .ps1…

This is a write up of the Blue Team Labs Online challenge, Browser Forensics — CryptoMiner BTLO (blueteamlabs.online) While cryptominers are not always inherently malicious, they do present a risk to the integrity of systems in an organization. …