In order to analyze it statically with a valid result, we should recover its real imports first. So, analyzing it statically we may get confused. For example, the Imports are replaced at runtime by some other imports. We are supposed to decrypt one of those GIFs () in order to get the flag. The EXE is a ransomware, and the two GIFs are encrypted by it. In this task we get an EXE (Mugatu.exe) and two encrypted GIFs:, the_key_to_success_. I will be adding more details to this post. In this post I will describe the last 3 tasks of the competition: Each year we get 12 crackmes of increasing difficulty to solve. It is like a marathon of reverse engineering.
Flare-On Challenge is an annual competition organized by FireEye (the FLARE team).