Scripts

An IDA pro python script to decrypt Qbot malware string

Nov 09, 2021 1 min read

Qbot-Strings-Decrypter

An IDA pro python script to decrypt Qbot malware strings.

Tested and working with Qbot OBAMA111 https://www.malware-traffic-analysis.net/2021/10/07/index.html

Before using the script make sure to fix the calling convention of the decryption functions like below.

All the decrypted string will be placed as comment next to the decrypt string function call.

GitHub

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.

An IDA pro python script to decrypt Qbot malware string

Qbot-Strings-Decrypter

GitHub

John

A GitHub Action for checking Django migrations

Client data provider API

Qbot-Strings-Decrypter

GitHub

A GitHub Action for checking Django migrations

Client data provider API

You might also like...