The purpose of these challenges is to familiarize beginners with common malware techniques. Don’t worry if you can’t complete a challenge; I will soon be creating a video explaining each one in detail.

Each difficulty rating is relative to other challenges, not an estimate of your skill. Please only use it as a guideline for which challenges to work towards.


[Disclaimer]

The “malware” in these challenges is not real and is not designed to harm your system in any way. It is still a good idea to always run untrusted code in a virtual machine (even if MalwareTech tells you it’s safe!).

Some challenges emulate techniques used in real malware, which may cause antivirus detections. Don’t contact me about AV detections; treat all files as if you were reversing malicious code.

[/disclaimer]


If you enjoy these challenges and would like to support me, I’m on Patreon.


Static Analysis

All challenges are designed to be completed without using a debugger. Your goal should be to complete each challenge without running the exe.

Need help? Join our Discord community: https://discord.gg/esb3x7K

[Hide and Seek]
Each exe contains one or more unencrypted flags; you need to find the correct flag without bruteforcing.


[Shellcode]
These challenges use position-independent code to decrypt the flag. Figure out what the shellcode does and decrypt the flag yourself.


[Devirtualization]
Each challenge implements a custom virtual machine used to execute some bytecode. You must write your own bytecode interpreter to retrieve the flag.

  • vm1[medium]


[Ransomware]
Each archive contains a dump of a ransomware encryption routine and some encrypted files. Find a way to recover the files.