Great job, you certainly had less trouble than I did for the memory analysis of the ransomware.
Here ‘s my write-up for the challenge, for those interested. I tend to go into detailed explanations, listing my thought-process and dead-ends and such.
I also end with a series of open questions, particularly one regarding the cryptographic safeness of the
Get-Random function in PowerShell. If anyone has an answer, I’m very much interested.
[Edit] sorry about the double promotion. I made my original post before this one, but it was auto-flagged, and then manually approved.