NOTE: This repo is intended to be used as part of an Elastic malware-exquacker pipeline. See the main repo at: https://github.com/elastic/malware-exquacker
Extracts Malware Configurations using Malduck
This is a fork of the upstream work located here: https://github.com/c3rb3ru5d3d53c/mwcfg-modules. You
can use these modules in the same way, using either the Malduck CLI utility called mwcfg
or the Elastic tool called malware-exquacker. Elastic Security researchers publish extractors for malware
that we've developed internally and make them available to the community as-is. Other modules from the
upstream repo have been modified to match our Elastic Common Schema output.
Supported Modules: