New challenge: mail captured.

After some time without any challenge, we come back with a new case where we should put in practice some techniques that could be used to get hidden information from apparently “normal” files .

In this case, we have captured an e-mail (with the attachment attachment.rar) belonging to a gang who is accused of vulnerabilities exploitation in different systems in order to install malware and spy everything that users do in their machines.

Although at first glance the captured file (attachment.rar) only appears to have three images, we believe that inside of it, some instructions or tips are given to know how they are installing the malware.

As usual, we have provided two rar files that require a password to be opened. The first one (validator1.rar) will be opened with the solution of part 1 of the challenge, and the second one (validator2.rar) with the solution for the second part. Please note that the challenge is not to try to crack these two files, since they only allow you to see if you have reached the right solution or not. In this occasion, to resolve the second part you should have solved the first one previously.

As always, the solution will be published in a few days on the blog. Anyway, if we see that there are questions about the challenge, we will publish some tips before the solution.

I hope you enjoy this challenge ;)


  1. De ganas Rafael! Me has ayudado un montononon, te agradezco MUCHO el tiempo para explicarme y los links de investigacion…

    Espero lograr algo en este reto jejeje