
Requiem

ApoorvCTF2026 reverse

The main decryption routine applies an XOR with 0x5a inside a loop that runs 0x2d times, so the program processes 45 bytes in total. At first, Binary Ninja shows data_4484f4 as a 10-byte string, but that is misleading: it stops displaying the data once non-printable bytes appear. The hex view confirms that the encoded buffer actually continues for 45 bytes.


XORing the first visible bytes of data_4484f4 with 0x5a gives apoorvctf{, which reveals the flag prefix. However, the rest of the 45-byte buffer is still not readable as plain text, so the displayed string alone is not enough to recover the full flag statically.
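The length mismatch and the XOR step described above, as an added example that is not part of the original writeup. SAMPLE is a constructed stand-in for data_4484f4: only its first 10 bytes follow from the prefix recovered above, the remaining 35 are placeholders, and the function names are hypothetical.

```python
KEY = 0x5A         # XOR key used by the decryption loop
LOOP_COUNT = 0x2D  # loop bound: 45 bytes are processed

# Constructed stand-in for data_4484f4 (assumption, not the challenge's bytes):
# the first 10 bytes are "apoorvctf{" XOR 0x5a, the other 35 are placeholders.
SAMPLE = bytes(c ^ KEY for c in b"apoorvctf{") + bytes([0x9C, 0x07, 0xE1, 0x13, 0x80] * 7)


def printable_run(buf: bytes) -> int:
    """Length of the leading run of printable ASCII, i.e. what a string view shows."""
    n = 0
    for b in buf:
        if not 0x20 <= b <= 0x7E:
            break
        n += 1
    return n


def xor_decode(buf: bytes, key: int = KEY, count: int = LOOP_COUNT) -> bytes:
    """Decode exactly `count` bytes, the way the loop does, ignoring string boundaries."""
    if len(buf) < count:
        raise ValueError(f"buffer has {len(buf)} bytes, loop reads {count}")
    return bytes(b ^ key for b in buf[:count])


def triage(buf: bytes) -> dict:
    """Compare what the string view suggests with what the loop really touches."""
    decoded = xor_decode(buf)
    readable = printable_run(decoded)
    return {
        "string_view_len": printable_run(buf),
        "loop_len": len(decoded),
        "decoded_prefix": decoded[:readable],
        "static_xor_sufficient": readable == len(decoded),
    }


if __name__ == "__main__":
    for name, value in triage(SAMPLE).items():
        print(f"{name}: {value}")
```

When static_xor_sufficient is False, the single-byte XOR does not yield the whole flag and the buffer has to be inspected at runtime.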


Later in the program, the function getFlag is used, which suggests that the complete flag is reconstructed during execution. The easiest approach is therefore to debug the binary and inspect memory after the XOR operations. By placing a breakpoint after the XOR step and examining the resulting buffer in the debugger, the flag contents become visible in memory.

