OSINT_BLUE
DESCRIPTION
Drats, we found an unknown executable that someone uploaded to one of our web servers. How weird, it seems to be make heavy reference to trees. Is the author some kind of environmentalist, perhaps?
Note: This executable is not malicious, but we strongly advise participants to run it in a VM. This should always be the case when encountering any unknown executables, and to cultivate good opsec habits. :)
MD5("tree_monster.exe"): 370B2D92C8CF0CABB7B312CBEDAAF9D3
ATTACHED FILES
tree_monster.exe
We notice there are some pastebin URLs in the strings
$ strings /Users/manzelseet/Downloads/tree_monster.exe | grep http
https://pastebin.com/raw/EcrLPtRP
https://pastebin.com/raw/v1cRRWEW
If we download them, we find a binary tree with characters of the flag.
Read it in order and we have the flag.
$CDDC19${havesometrees}