Poll results: Which new story in CL do you like more than the others

| Option | Votes | Share |
|---|---|---|
| "The Saint" - Alamida, sailing around the Caribbean on the Holy Mercy | 8 | 25.81% |
| "Treasure-obsessed" Blackwood, conducting excavations on Cayman | 10 | 32.26% |
| "Slaver hunter" Grim, who decorated his brig with bones | 10 | 32.26% |
| One of the heart-rending stories from the new CL quests | 5 | 16.13% |
| I am indifferent to tales, as long as the trophy ships are of some use | 9 | 29.03% |

Multiple-choice poll. Voters: 31.
"7xisHeadTrick.zip" refers to a high-profile challenge originally featured in the Flare-On 7 Reverse Engineering Challenge (2020). Specifically, it was Challenge #10, designed by the Mandiant (formerly FireEye) FLARE team to test advanced de-obfuscation and architectural knowledge.

The Core Challenge

The challenge involves a 64-bit Windows executable that acts as a custom "loader." Its primary goal is to execute a hidden payload, but it employs several layers of complexity to thwart standard analysis:
It often switches between different execution contexts (like switching between 32-bit and 64-bit modes) to confuse debuggers and disassemblers.

Analysis Breakdown

Using x64dbg to trace the decryption routines. The challenge often requires "dumping" decrypted buffers from memory for further inspection.
The name likely refers to a specific trick within the binary that manipulates the instruction pointer or stack to hide the true entry point of the malicious payload.

Recommended Resources

For the most comprehensive technical deep-dives, you should look at the official solutions and community walkthroughs:
Mandiant usually publishes a PDF with the intended solution path for every challenge.
Search for "Flare-On 10 Write-up" to find scripts (usually Python) that analysts wrote to automate the decryption of the VM bytecode.