Malware analysis tool

I can’t remember where I saw this initially, but I learned about a malware analysis tool that’s available on github and tried it out today. The tool is called Qu1cksc0pe and you can find it at this link: GitHub - CYB3RMX/Qu1cksc0pe: All-in-One malware analysis tool.

You run it from the command line and it uses a number of tools including a set of Yara rules to do a quick analysis of the subject file. You can also add your Virustotal api key and then submit files to VT with the tool.

Here are some photos of the output from a scan I just did:

Looks awesome, can’t believe I haven’t heard of this before. Definitely gonna try it out.

It works really quick, too. I ran it on my Linux system and it blew through that exe file in short order.