DFIR Labs

Lobster Stealer - Malware Analysis
1256 words · 6 mins
The writeup analyzes Lobster Stealer, a macOS malware that steals sensitive data such as passwords, browser history, and cryptocurrency wallet information. It uses RC4 to obfuscate its commands and AES-128-CBC to encrypt the flag. The challenge involves recovering the flag by analyzing the malicious OSA script and extracting the encryption keys embedded in a PNG file.