MalConfScan
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
MalConfScan
MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.
MalConfScan Description
MalConfScan is a Volatility plugin that extracts configuration data of known malware, searches for malware in memory images, and dumps configuration data. It also has a function to list strings to which malicious code refers. Supported malware families include Ursnif, Emotet, Smoke Loader, PoisonIvy, CobaltStrike, and many others. Additionally, it can dump decoded strings or DGA domains. MalConfScan also provides additional analysis by listing strings to which malicious code refers and decoding configuration data usually encoded by malware.
MalConfScan FAQ
Common questions about MalConfScan including features, pricing, alternatives, and user reviews.
MalConfScan is MalConfScan is a Volatility plugin for extracting configuration data of known malware and analyzing memory images.. It is a Security Operations solution designed to help security teams with Memory Forensics, Malware Analysis, Malware Detection.
