![Writing a Qakbot 5.0 config extractor with Malcat](https://malcat.fr/blog/writing-a-qakbot-50-config-extractor-with-malcat/qakbot_cmp.png)
Writing a Qakbot 5.0 config extractor with Malcat
Starting from a (backdoored) MSI installer, we will unroll the infection to chain to get the final Qakbot sample. Sticking to pure static analysis, we will then decrypt Qakbot's configuration and finally write a script in Malcat to automate the process.
Read more →