Skip to content
/ DecypherIT-Nanocore Public

Tools and resources to extract config info from Nanocore and assist in analysis of CipherIT

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

myrtus0x0/DecypherIT-Nanocore

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
autoit.a32_.au3
autoit.a32_.au3
 
 
configExtract.py
configExtract.py
 
 
deCypherIT.go
deCypherIT.go
 
 
manual_analysis.au3
manual_analysis.au3
 
 

Repository files navigation

DecypherIT-Nanocore

Located in this repo are the tools and resources used to analyze the nanocore sample and CypherIT crypter from this blog post.

CypherIT

To simplify the CypherIT crypter

go run deCypherIT.go -input_file autoit.au3

Nanocore

Config extract

python configExtract.py --sample nanocore.bin --guid a60da4cd-c8b2-44b8-8f62-b12ca6e1251a --dump_dir ./plugins

About

Tools and resources to extract config info from Nanocore and assist in analysis of CipherIT

Resources

Readme
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages