About Malwareconfig

What is this place?

Malwareconfig.com is a web application that lets you upload malware samples and, if they match specific malware families, extracts the configuration section for you.

If you don't want to save the config online, you can always grab the toolkit yourself.

Sample Storage

MalwareConfig stores each uploaded file in a temporary file in order to process it. Once processing is completed, the file is removed from the system.

The metadata and config parameters are the only data that is retained.

Special Thanks

A special thank you to the following people for their help and contributions:

malware.lu xtreme Rat Analysis
Yara Exchange
Pest Control Taming The Rats
BlackShades Analysis by Brian Wallace (@botnet_hunter)
Jørgen Bøhnsdalen
NCC Group for sharing their NetWire Decoder
AirBus Sakula Writeup

3rd Party Components

MalwareConfig makes use of the following 3rd party software and libraries.

Python
BootStrap
Yara
Virus Total
PyCrypto
PyPe32
MaxMind GeoLite2 City DataBase