A python script using radare2 for decrypt and patch the strings of GootKit malware
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.
Please sign in to use Codespaces.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download Xcode and try again.
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
http://reversingminds-blog.logdown.com/posts/7369479
A python script using radare2 for decrypt and patch the strings of GootKit malware
-o [JSON|PLAINTEXT] print decrypted strings in the given format
patch_gootkit.py unpacked_gootkit.exe
patch_gootkit.py unpacked_gootkit.exe -o
patch_gootkit.py unpacked_gootkit.exe -o json
unpacked_gootkit.exe__patched
A python script using radare2 for decrypt and patch the strings of GootKit malware