file-collapse

First, I found the AES key with findaes. Then I used the following script to try different initial values until one started with TUCTF.

from Crypto.Cipher import AES

aes_key = bytes.fromhex('30 26 ca b7 05 3a 7b b6 32 a7 9a 4e 38 a1 4c 36')
with open('flag.txt', 'rb') as f:
  ciphertext = f.read()[:16]

with open('heap.mem', 'rb') as f:
  mem = f.read()

for addr in range(0, len(mem)):
  iv = mem[addr2:addr2+16]
  aes = AES.new( aes_key, AES.MODE_CBC, iv )
  res = aes.decrypt( ciphertext )
  if b'TUCTF' in res:
    print(hex(addr2), res)