Reverse engineering - light up the server

Solution

After Analyzing the server in IDA Pro and Flare CAPA

The rule detected a regex as obfuscated stack strings

Finding a match string via regex101

The Flag