craftwa.re

A walk outside the sandbox

Home Blog Cheat Sheets MacOS Tips Area 51 About

[CTF] Quantum Malware

01 Aug 2016 | CTF CyberSecurityChallenge

Quantum Malware

In the modern business world mergers and acquisitions (M&A) are a near constant activity between small and global businesses. Quantum International (Qint), a small but promising company specializing in big data transfers using quantum technology, has attracted Sir Randolph ‘s attention. Sir Randolph is the President of Prometheus World-Wide (PWW), a diversified technology company originally started in the UK medical hardware industry. Just a small startup 18 years ago, PWW has now grown into a large corporation doing business in over 200 countries worldwide.

M&A

Almost convinced that the acquisition of QInt fulfils a vital business requirement for PWW’s future vision, Sir Randolph has tasked Mr Robert, his trusted friend and Business Officer to also look into this matter and find more links between cutting edge medical instruments and quantum technology.

‘Count on me!’, Robert says, rigorously taking notes in his brown leather journal. Although eager to start his research right away, Robert doesn’t know anything about medical instruments. Back to his office, he dusts out his old Windows laptop and starts searching. Vision microscopes, strange quantum mixers, USB spectrometers, tamper evident jars, all seems to make sense now in his head, when suddenly an unexpected blue screen interrupts his work. Luckily for him, you are his trusted Malware Analyst and Incident Responder.

Peter

Robert rushes in, his laptop in one hand and his journal in the other. His words are somehow familiar - ‘I need help with my computer!’. After calming him down, you promise to help fix his laptop, find the culprit and get him on track with the research.

‘Very intriguing’ you say to yourself, opening another Club-Mate bottle and looking at the extracted packed capture. The packet sniffer you installed last week has done its job! You have something to work with. Quickly take a memory image before the battery runs out, and you’re good to go.

[..]

If you’re curious to find out what happened and get Robert back on track with his investigation, download the full challenge and artefacts and start cracking: