Malware Config resources

mlwr-cfg.txt

References to malware configuration extraction and memory dumping:

    https://www.vmray.com/cyber-security-blog/vmray-platform-feature-highlight-extended-smart-memory-dumping/
    https://www.vmray.com/cyber-security-blog/malware-configuration-extraction-vmray-analyzer-4-5-feature-highlight/
    https://any.run/cybersecurity-blog/malware-configuration/
    https://developers.virustotal.com/reference/malware_config

Commercial projects:

    https://malwareconfig.com/
    https://research.acce.ciphertechsolutions.com

Open-source projects:

    https://github.com/kevoreilly/CAPEv2/tree/master/modules/processing/parsers/CAPE
    https://github.com/c3rb3ru5d3d53c/mwcfg
    https://github.com/CERT-Polska/karton-config-extractor
    https://github.com/dod-cyber-crime-center/DC3-MWCP
    https://github.com/CybercentreCanada/Maco
    https://github.com/ciphertechsolutions/os_acce_parsers
    
Writing malware configuration extractors and parsers:

    https://n1ght-w0lf.github.io/tutorials/yara-for-config-extraction/
    https://devilinside.me/blogs/configuration-extraction-yara
    https://www.techanarchy.net/decoding-nanocore-rat/
    https://malwation.com/malware-config-extraction-diaries-1-guloader/
    https://www.sentinelone.com/labs/writing-malware-configuration-extractors-for-isfb-ursnif/
    https://blog.xorhex.com/blog/yarafollowingfallchills_e8_call/
    https://unit42.paloaltonetworks.com/teasing-secrets-malware-configuration-parsing/