Malware Configuration Extraction Modules

November 3, 2022

Extracts Malware Configurations using Malduck

To use these modules or contribute, try my featureful CLI utility for Malduck called mwcfg.

Supported Modules:

  • :heavy_check_mark: Azorult
  • :heavy_check_mark: ASyncRAT
  • :heavy_check_mark: Citadel
  • :heavy_check_mark: Hancitor
  • :heavy_check_mark: 44Caliber Stealer
  • :heavy_check_mark: ZLoader
  • :heavy_check_mark: IcedID
    • :heavy_check_mark: PhotoLoader
    • :heavy_check_mark: PELoader
  • :heavy_check_mark: Emotet