Release for LODEINFO malware triage tools
- lodeinfo/triage.py
  - decrypts and extracts the malicious shellcode from the file, and detects the AES key and malware version.
- lodeinfo/decode_connection.py
  - decodes and parses the LODEINFO malware's C2 communication.
- lodeinfo/resolve_api_hash.py
  - automatically creates the API structure used in LODEINFO to assist your artifact analysis.