Qu1cksc0pe – All-in-One Static Malware Analysis Tool

This tool allows you to statically analyze Windows, Linux and OSX executables, as well as APK files.

You can get:

  • What DLL files are used.
  • Functions and APIs.
  • Sections and segments.
  • URLs, IP addresses and emails.
  • Android permissions.
  • File extensions and their names.
And so on…

Qu1cksc0pe aims to get even more information about suspicious files and helps the user understand what a given file is capable of.

Multiple analysis

Usage: python3 qu1cksc0pe.py --multiple FILE1 FILE2 ...

Hash scan

Usage: python3 qu1cksc0pe.py --file suspicious_file --hashscan

Folder scan

Supported Arguments:

  • --hashscan
  • --packer

Usage: python3 qu1cksc0pe.py --folder FOLDER --hashscan


VirusTotal

Report Contents:

  • Threat Categories
  • Detections
  • CrowdSourced IDS Reports

Usage for --vtFile: python3 qu1cksc0pe.py --file suspicious_file --vtFile


Document scan

Usage: python3 qu1cksc0pe.py --file suspicious_document --docs

Programming language detection

Usage: python3 qu1cksc0pe.py --file suspicious_executable --lang

Interactive shell

Usage: python3 qu1cksc0pe.py --console

Domain

Usage: python3 qu1cksc0pe.py --file suspicious_file --domain

Information about categories

Registry

This category contains functions and strings about:

File

This category contains functions and strings about:

Networking/Web

This category contains functions and strings about:

Process

This category contains functions and strings about:

Dll/Resource Handling

This category contains functions and strings about:

Evasion/Bypassing

This category contains functions and strings about:

System/Persistence

This category contains functions and strings about:

COMObject

This category contains functions and strings about:

Cryptography

This category contains functions and strings about:

Information Gathering

This category contains functions and strings about:

Keyboard/Keylogging

This category contains functions and strings about:

Memory Management

This category contains functions and strings about:
