Iesys.exe From the author "Well, it's a new game guide" Content of the full text and five issues
As soon as January 1 is reached, everything related to iesys.exe received an email from a person who names the author, and it is news in various places. There are five problems in all, and by solving them, it is possible to obtain "a set of source code of iesys and attached tools", "a long message from me (FAQ format including answers to e-mails I received)" about.
First of all, we will start to report on each news organization as follows following the January 1st as follows:
◆ 2013.1.1 00: 42
【Impersonation Virus】 "It is a new game guide" From the "real criminal" Early Mail - MSN Sankei News
http://sankei.jp.msn.com/affairs/news/130101/crm13010100430000-n1.htm
The address of the sender was the same as the address used in the preliminary notice of committing or suicide notice. A reporter at Sankei Shimbun sent a questionnaire etc to this address in November and December.
◆ January 01, 2013 01: 32 minutes
PC remotely incident · again from the criminal mail "New Game Guide is OK" - ITmedia News
http://www.itmedia.co.jp/news/articles/1301/01/news007.html
◆ January 1, 2013 1:32
Asahi Newspaper Digital: PC remote control "From the real criminal"? To the Asahi Newspaper reporters mail - Society
http://www.asahi.com/national/update/0101/TKY201212310638.html
◆ 2013/01/01 - 03: 22
Current affairs dot com: remote operation "real culprits" from mail = news organizations and more than 20 places
http://www.jiji.com/jc/c?g=soc_30&k=2013010100016
◆ January 1 4:46
Email to the remote criminal culprit or news agency NHK News
http://www3.nhk.or.jp/news/html/20130101/k10014544971000.html
The Joint investigation headquarters of the Metropolitan Police Department and others will decide the source of the e-mail in response to the information provided by the e-mail content and check the relationship with the incident.
◆ 01 January 01 (Tuesday) 06: 45 minutes
PC remote control incident, mail to TBS etc. MBS News - MBS Mainichi Broadcasting news website -
http://www.mbs.jp/news/jnn_5221471_zen.shtml
◆ 2013/1/1 9: 18
The real criminal of PC remote control? To mail news organizations etc.: Nihon Keizai Shimbun
http://www.nikkei.com/article/DGXNASFK01005_R00C13A1000000/
◆ January 1, 2013 12:42
New game guide ... remote control real criminal? From Mail: Society: YOMIURI ONLINE (Yomiuri Shimbun)
http://www.yomiuri.co.jp/national/news/20130101-OYT1T00207.htm
The full sentence of what kind of e-mail it actually was published on the site of Mr. Yano Satoru who is one of those being sent.
[Enkaku_virus] The case where a challenge came from a remote control custodian as soon as the New Year
http://d.hatena.ne.jp/satoru_net/20130101
The mail sent at the very beginning was sent on 0 January 18th on January 1 in the subject "Happy New Year", and it is as follows.
To whom
Happy New Year.
I would like to express my sincere gratitude for the new spring.
Heisei 25th New Year's Day
Well, it's new game information - ー ー ー ー ー
It is finally announcing that I started charging in October.
When solving the attached puzzle, for the first-come-first-served basis only
· Complete source code of iesys and included tools
· Long sentences from me (FAQ form such as answers to previously received e-mails)
It is a gimmick that can be obtained automatically.
There are 5 questions. Each time you solve the file of the next problem appears.
The mass media is the opportunity of an exclusive scoop. First come, first served.
※ Since I could not attach it, please do it here instead.
[URL]
Speaking of hope / suggestion, it is better not to inform the police immediately of this mail.
I will increase the rival and I would like someone other than the police to read the message first.
There is no criminal element such as death or killing this game, so there is no need to report in a hurry.
Please send it to the investigation headquarters along with the file that came out after someone has solved.
Whether
Everything from the actual first question to the final problem is posted on the following site.
I tried challenging the problem which it seemed to be from the remotely operated virus writer. - (n)
http://n.pentest.jp/?p=24997
Compressed from the URL in the above email and password was applied7-ZipThe 7z format file and the first question image can be obtained with the following image.
The Korean part becomes "Password ... is the ◯◯◯", "Tales of EterniaCharacter "Meldy" is talkingMelnixWhen solving, it turns out that "HAPPYNEWYEAR 2013" is a release password, and when using this password to decompress the 7z format file, 85 PNG format images come out from the inside.
They are"Love MachineIt is possible to restore the original file by using a tool for impersonation / division of old-fashioned file named "old".
When you decompress the LZH format compressed file that is combined and restored, the following image appears.
First of all this is "example. Png"
Then, "essay.png"
And the following sentences.
Well, the next issue is "Tsume Shogi".
The password of QUEST 3.7z is the correct answer record of the essay.
Please look at the example first.
The answer to this,
■ 2 Gori
□ 3 Three Balls
■ 3 steps
□ same money
■ 2 3 Sorihiro
□ same ball
■ 2 Diazumi synthesis
is.
When using this as a password, keep connecting as it is
"2 Five Feel 3 Three Balls 3 Four Steps Same Gold 2 Samurai Same Ball 2 Diamonds".
Solve the problem and lead the password with the same rule.
* Notation countermeasures.
The correct password consists of only the following characters. Arabic numerals are full width.
"1" "2" "3" "4" "5" "6" "7" "" 9 ""
"one two three four five six seven eight nine"
"Ayumu" "To"
"Incense" "incense"
"Katsura" "Katsura"
"Silver" "Silver Bell"
"Money"
"Horn" "Horses"
"Flying dragon"
"ball"
"same"
"Composition" "unfavorable"
"Right" "Left"
The way to answer these questions is explained below.
How to solve shuffled shogi sent from a criminal of remotely controlled virus case - Fushihara Knowledge Base
http://fushi.x0.com/blog/archives/1061
The answer is "2 Ninety-six cosmic balls 3 1 silver same balls 5 triangles 2 two balls 3 four katsura 2 three-balls 3 two silver balls 3 one corner balls 4 dragons". This is the end of the certification.
It is now possible to unzip "QUEST 3.7z".
When decompressing, two files "gyakku.mp3" and "QUEST4.tc" come out, "QUEST 4. tc" isTrueCryptIt is a file encrypted with. Password is necessary. "Gyakku.mp 3" is an audio file, and when it is played back in reverse according to the file name, the voice saying "Password is the name of the National Police Agency Secretary, Hepburn Romaji Letters Lowercase letters".
Since the name of the Director General of the National Police Agency is "Katagiri Yutaka", the password is "katagiriyutaka", and if you submit the contents of "QUEST 4. tc" encrypted with TrueCrypt as above, this time "kokohore1.JPG" Three files "kokohore2.JPG" and "QUEST 5. txt" came out, and the main body of the final question is as follows.
Thank you for your hard work. It is the last question.
Solving this,
· Iesys and accompanying tool source code set
· Long sentences from me (FAQ form such as answers to previously received e-mails)
Is available.
First of all, the storage medium storing the former file is filled in the location of the photo.
First come, first served! This is the first "first-come-first-served gimmick" we talked about.
There is no work on GPS coordinates this time.
There is no lie beyond measured error.
Also, QUEST 4.tc that contains this text has a hidden volume of truecrypt.
You can mount it by decrypting with a key file instead of a password.
The key file is "iesys_src.7z" in the USB memory.
I have "Message from me" in it, so please read it.
Below is the last image, clicking it will be the original image. EXIF and GPS etc are left unchanged.
The location indicated by the GPS coordinates of the image is "Mount CloudoIt is said to be the following place.
View Larger Map
To check GPS coordinates easilyHatena Photo LifeIt is easy to upload to the following, it becomes as follows.
If it is a little more expanded, it looks like here.
Although it is unknown why it is Mount Kumori, this mountain with an altitude of 2017 meters is the highest mountain in Tokyo and on the summit like the above pictureFirst triangleThere is clearly easy to understand places filled, and according to Wikipedia, "It is dangerous at the time of the descent when the climbing early in the morning is falling and falling dangerous", even if the final problem is solved on the net as above Even so, it seems reason is that it is not easy for ordinary people to arrive so easily.
Related Posts:
in Note, Posted by darkhorse