moth/packages/skynet/400/index.mdwn

This category contains live samples of real malware. If you participate
in this category, you agree to take all proper precautions: running in
a virtual machine, properly cleaning your system afterwards, and not
exposing any networks to these samples.

YOU HAVE BEEN WARNED!

A user is complaining of random blue screens. Their computer is
running slowly. When you inspect the system you find a file named
malware.sys. Reverse engineer it and answer the following question.

What user mode process does the kernel module inject into?
Add in puzzles Also, modularize the build. This is now a single project for all CTF packages. 2010-09-24 17:24:43 -06:00			`This category contains live samples of real malware. If you participate`
			`in this category, you agree to take all proper precautions: running in`
			`a virtual machine, properly cleaning your system afterwards, and not`
			`exposing any networks to these samples.`

			`YOU HAVE BEEN WARNED!`

			`A user is complaining of random blue screens. Their computer is`
			`running slowly. When you inspect the system you find a file named`
			`malware.sys. Reverse engineer it and answer the following question.`

			`What user mode process does the kernel module inject into?`