GecisKodu CrackMe



GecisKodu.exe is a ‘Crack-Me’ written in Turkish. It poses no threat to the system.





DETAILS
The purpose of this program is for the user to enter a correct key to solve the puzzle. In the cyber world this type of program is called a ‘Crack Me’. It is intended for users to practice reverse engineering or cracking software.



Incorrect input results in the following text:
Original: Yavas ol, once dusun sonra hareket et !!!
Translation: Be slow, think once and then move on !!!


Correct input results in:
Original: Tebrikler, dogru kodu girdiniz yolunuz acik olsun …
Translation: Congratulations, you have entered the correct code …


Solving the puzzle requires the following key:
Key: Fl4g_HSVI_1126



DETECTION


Due to the benign nature of this file, detection is unnecessary. However, if your organization classifies this type of activity under ‘potentially unwanted programs’, the following YARA signature will detect it:


rule GecisKodu{
strings:
$str1 = {54 65 62 72 69 6B 6C 65 72 2C 20 64 6F 67 72 75 20 6B 6F 64 75 20 67 69 72 64 69 6E 69 7A 20 79 6F 6C 75 6E 75 7A 20 61 63 69 6B 20 6F 6C 73 75 6E 20 2E 2E 2E}
condition:
all of them
}


CONCLUSION

GecisKodu.exe could be classified under ‘potentially unwanted programs’ due to its cracking affiliation, however, it poses no security risk to systems.


FILE DETAILS

Filename
GecisKodu.exe
Packer
None
Hash
a97be81ad69ea8656da07042b82a7339
Status
BENIGN
Sample
Sample Unavailable