This repository contains Python scripts mainly written for malware research purposes.
The intent is to help students get a better understanding of how malware-related tasks can be automated.
=> Ragnarok-config-decrypter.py (Quick 'n' dirty Ragnarok config decrypter using modded RC4)
=> de_aPLib.py (Scans a file for an aPLib-compressed PE binary and uses Malduck for decompression)
=> cl0p_ransomnote_decrypter.py (Decrypts ransom notes stored inside the resource section of cl0p samples)
=> DYEPACK_Config_RC4_decrypter.py (Decrypts APT38 DYEPACK config file encrypted with RC4 using Malduck)