Writing a Qakbot 5.0 config extractor with Malcat | allinfosecnews.com

March 9, 2024, 8:23 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Starting from a (backdoored) MSI installer, we will unroll the infection to chain to get the final Qakbot sample. Sticking to pure static analysis, we will then decrypt Qakbot's configuration and finally write a script in Malcat to automate the process.

Article Link: Writing a Qakbot 5.0 config extractor with Malcat

1 post - 1 participant

Read full topic

analysis article config configuration decrypt infection installer link malware analysis msi process qakbot sample script static analysis writing

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 5 hours ago | malware.news

article bugs center cve +13

The who, where, and how of APT attacks – Week in security with Tony Anscombe 16 hours ago | malware.news

apt article attacks campaigns +11

Leveling the cybersecurity playing field 21 hours ago | malware.news

article blumira cybersecurity entry +4

Hardware cybersecurity leader, Flexxon, introduces Server Defender 21 hours ago | malware.news

advanced article cybersecurity defender +8

Automated pentesting in the cloud 21 hours ago | malware.news

article automated challenge cloud +10

How to revamp your cybersecurity in the middle of the chaos 21 hours ago | malware.news

article attackers chaos cybersecurity +8

6K-plus AI models may be affected by critical RCE vulnerability 22 hours ago | malware.news

ai models article attacks critical +14

Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 23 hours ago | malware.news

article attacks link media +6

Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 1 hour ago | malware.news

amp article cisa deepfakes +8

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Security Operations Manager-West Coast

@ The Walt Disney Company | USA - CA - 2500 Broadway Street

View on infosec-jobs.com

Vulnerability Analyst - Remote (WFH)

@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US

View on infosec-jobs.com

Senior Mainframe Security Administrator

@ Danske Bank | Copenhagen V, Denmark

View on infosec-jobs.com