money-ware
Author: Juni19 | 100 points
Description
Flag format: picoCTF{Malwarename}
The first letter of the malware name should be capitalized and the rest lowercase.
Your friend just got hacked and has been asked to pay some bitcoins to 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX. He doesn’t seem to understand what is going on and asks you for advice. Can you identify what malware he’s being a victim of?
Solution
We are given a Bitcoin wallet address and asked to identify the malware it belongs to. Since the victim is being asked to pay into a Bitcoin wallet, we can assume the malware is ransomware demanding payment.
From this we can Google "Ransomware 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX".
One of the first results is a CrowdStrike article documenting a technical analysis of the Petya ransomware.
If you are interested in how ransomware works, the article is definitely worth a read.
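Before searching on a wallet address copied out of a ransom note, it helps to confirm it was copied correctly. The following is an added example, not part of the original write-up: it pulls legacy (Base58Check) Bitcoin addresses out of text and keeps only those whose checksum verifies. The function names and the sample note are constructed for illustration; the only real value is the address from the challenge description.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy addresses start with 1 or 3 and decode to 25 bytes:
# 1 version byte + 20-byte hash + 4-byte checksum.
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

def b58decode(s):
    """Decode a Base58 string; each leading '1' is one leading zero byte."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    pad = len(s) - len(s.lstrip("1"))
    return b"\x00" * pad + body

def is_valid_address(addr):
    """True if addr decodes to 25 bytes and its Base58Check checksum matches."""
    try:
        raw = b58decode(addr)
    except ValueError:
        return False
    if len(raw) != 25:
        return False
    payload, checksum = raw[:-4], raw[-4:]
    digest = hashlib.sha256(hashlib.sha256(payload).digest()).digest()
    return digest[:4] == checksum

def extract_wallets(text):
    """Return checksum-valid addresses found in text, in order, without repeats."""
    found = []
    for m in CANDIDATE.finditer(text):
        addr = m.group(0)
        if is_valid_address(addr) and addr not in found:
            found.append(addr)
    return found

# Constructed sample: the challenge's address plus a copy with its last character mistyped.
SAMPLE_NOTE = (
    "Your files are encrypted. Send bitcoin to "
    "1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX to recover them.\n"
    "Victim's retyped copy: 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWY\n"
)

if __name__ == "__main__":
    print(extract_wallets(SAMPLE_NOTE))
```

An address that fails the checksum was mistyped or truncated, so a search on it will return nothing useful; only the validated address is worth looking up.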
Flag
Using the naming convention given to us, our flag is picoCTF{Petya}