Malicious Humans!

Task by Stanislav Rakovsky (@hexad3c1mal) · Par time: ~2.5 hrs

Greetings, human!

Welcome to Secret Cat Organization. We are trying to make a better life for all sorts of purring souls — and there are some unions that wanna stop us.

One of them, Secret Human Organization, sent us a notification letter. It said something about a misconfig in our infrastructure. But I cannot trust them entirely — so I ran their attachment in a sandboxed environment and found a docx file with lots of meowing and malicious network activity!

They’re laughing at us! Please investigate this incident and retrieve the files that were stolen from our sandbox. Yes, we keep important stuff in our sandbox, we’re cats after all.

Added at 14:45 UTC: there are two ways of solving this challenge. The hard one is to compile a Python interpreter from source code and examine the task’s bytecode using dis.dis. The way around that is to tinker with the malware and see what it actually does on the system. Effortful or playful approach — your choice!

Added at 16:20 UTC: bugfix: one of the DNS requests went missing, but it’s necessary to solve this task: