The main trick was to not blindly use upx -d to unpack the binary, as this would result in a "jebaited" version that doesn't even have the flag. Instead on unpacking, you just had to set a breakpoint at very first instruction of the original binary and reverse the few lines of assembly.

Source code and mini-writeup on the [official Github](https://github.com/Insomnihack/Teaser-2020/tree/master/kaboom).

Original writeup (https://github.com/Insomnihack/Teaser-2020/tree/master/kaboom).