The 2018 SANS Holiday Hack Challenge – Write-Up

Great job, you certainly had less trouble than I did for the memory analysis of the ransomware.

Here's my write-up for the challenge, for those interested. I tend to go into detailed explanations, listing my thought process and dead-ends and such.

I also end with a series of open questions, particularly one regarding the cryptographic safeness of the Get-Random function in PowerShell. If anyone has an answer, I’m very much interested.

[Edit] Sorry about the double promotion. I made my original post before this one, but it was auto-flagged, and then manually approved.
