Are you attending BlackHat this year and you are based in the US or EU? please DM lets get together and chat as I’m hiring for an open Malware Analyst/Reverse Engineer positions in my team #BlackHat#BHUSA#BHUSA2022
"This seems to be a plugin built into Qbot." Yes! #Qbot#malware has an Independent module to load #CobaltStrike on infected systems https://t.co/MsIP92kPnz
If you are working with #Qbot#Malware stagers and modules consider using this #IDApro python script to resolve the imports statically. https://t.co/j38GzVRUao
Found a possible #Qbot#QakBot#malware module you suspect to be a #CobaltStrike shellcode loader. Run it through this script it will extract the config for you https://t.co/MsIP92kPnz
@RolfRolles Thank you! a lot of analysts don't see value in applying types and its indeed important for correct analysis and the "force call" feature is interesting will give it a shot