Category: RE

It has long been rumored that many threat actors were after zeyu2001's personal stockpile of the latest web 0-days. Alas, tragedy struck when he joined too many suspicious Telegram groups without due caution and ended up getting infected by suspicious malware.

He quickly put his Cyber Olympian™ skills to use and managed to retrieve the offending binary as well as capture the network traffic sent out by it. However, he's too busy getting more CVEs and HackerOne bounties to conduct any further analysis. Can you help him decipher the malware's traffic?

The password for the ZIP file is infected. While the binary will not harm your system, I suggest analyzing everything in a Virtual Machine with antiviruses switched off.

Difficulty

Medium/Hard