• Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
AnonyViet - English Version
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
AnonyViet - English Version
No Result
View All Result

How to use Qu1cksc0pe to analyze malware

AnonyViet by AnonyViet
January 26, 2023
in Security
0

Qu1cksc0pe is a tool to analyze Windows, Linux, OSX source code, exe files and even Apk. If you are passionate about reverse engineering or want to analyze if a file is safe before installation, Qu1cksc0pe will quickly analyze it for you with just a few simple commands.

Join the channel Telegram of the AnonyViet 👉 Link 👈

Features of Qu1cksc0pe

Qu1cksc0pe is written in Python, so it’s quite easy to use, you only need a file to analyze and the computer has python pre-installed. Features of this software will help you to know:

  • What DLL files are used.
  • Functions and APIs.
  • Sections and segments
  • URL, IP address and email.
  • Android permissions.
  • File extensions and their names.

Qu1cksc0pe aims to get more information about suspicious files and help users realize what the file is capable of.

How to install Qu1cksc0pe

First you need to download and install Qu1cksc0pe on your computer. On linux you can use the command:

git clone https://github.com/CYB3RMX/Qu1cksc0pe.git

cd Qu1cksc0pe

Or download the .zip file directly here.

Then install the necessary modules: pip3 install -r requirements.txt. These modules include:

  • puremagic=> Analyze OS
  • androguard=> Analyze APK files.
  • apkid=> Check Obfuscators, Anti-Disassembly, Anti-VM and Anti-Debug.
  • prettytable=> create a table for the results
  • tqdm=> Progress bar animation.
  • colorama=>Color the output
  • oletools=> Analyze VBA Macros.
  • pefile=> Collect all information from PE files.
  • spacy=> Natural language processing for string parsing.
  • quark-engine=> Extract IP address and URL from APK file.
  • pyaxmlparser=> Collect information from target APK files.
  • yara-python=> Scan Android libraries with Yara rules.
  • capstone=> Decode binary.

Can you provide some more information to make the decompile process better:

  • Add VirusTotal API Key: https://virustotal.com
  • Install more Binutils: sudo apt-get install binutils
  • Install more ExifTool: sudo apt-get install exiftool
  • Install more Strings: sudo apt-get install strings

The last step is to install Qu1cksc0pe

sudo python3 qu1cksc0pe.py --install

How to use Qu1cksc0pe for malware analysis

To analyze the source code of a file or data to see if it is malicious, copy the file to be analyzed into the same directory of Qu1cksc0pe and use one of the following commands:

Normal analysis:

python3 qu1cksc0pe.py --file filename.exe --analyze

How to use Qu1cksc0pe to analyze malware

Analyze multiple files at once:

python3 qu1cksc0pe.py --multiple FILE1 FILE2 ...

file analysis

Hash scan:

python3 qu1cksc0pe.py --file filename --hashscan

Folder scan:

There are 2 parameters:

python3 qu1cksc0pe.py --folder FOLDER --hashscan

VirusTotal:

python3 qu1cksc0pe.py --file suspicious_file --vtFile

Document scan – Analyze text files with malicious code:

python3 qu1cksc0pe.py --file filename_document --docs

Programming language detection – Check language:

python3 qu1cksc0pe.py --file suspicious_executable --lang

Domains:

python3 qu1cksc0pe.py --file suspicious_file --domain

Information on analytical categories

Registry

This category contains functions and strings about:

  • Create or destroy registry keys
  • Change registry keys and registry logs

File

This category contains functions and strings about:

  • Create/change/infect/delete files.
  • Get information about file contents and file system.

Network/Web

This category contains functions and strings about:

  • Communicate malicious servers.
  • Download malicious files.
  • Send information about the infected machine and its users.

Process

This category contains functions and strings about:

  • Create/infect/terminate process.
  • Manipulate processes.

DLL/Resource Handling

This category contains functions and strings about:

  • Deal with DLL files and other malware resource files.
  • Infect and manipulate DLL files.

The ability to hide

This category contains functions and strings about:

  • Manipulate Windows security policies and bypass restrictions.
  • Detect debuggers and perform hidden tricks from anti-virus software

System

This category contains functions and strings about:

  • Executing system commands.
  • Working with system files

COMObject

This category contains functions and strings about:

  • Microsoft’s Component Object Model system

Encode

This category contains functions and strings about:

  • Encrypt and decrypt files.
  • Generate and destroy hashes.

Collect information

This category contains functions and strings about:

  • Collect all information from the destination server. Like process state, network device, etc.

Keyboard/Keylogging

This category contains functions and strings about:

  • Monitor the keyboard of the infected machine.
  • Collect keyboard information
  • Manage input methods, etc.

Memory management

This category contains functions and strings about:

  • Manipulating and using target machine memory.

The article achieved: 5/5 – (100 votes)

Tags: analyzeMalwareQu1cksc0pe
Previous Post

Extension MonokaiToolkit – Multifunctional Facebook Management Tool

 Next Post

Use Iriun to turn your phone camera into a computer Webcam for online learning
AnonyViet

AnonyViet

Related Posts

How to intercept traffic using Burp Suite to analyze HTTP/HTTPS
Security

How to intercept traffic using Burp Suite to analyze HTTP/HTTPS

April 18, 2026
How to use hackers use Splitfus to execute PowerShell malicious code
Security

How to use hackers use Splitfus to execute PowerShell malicious code

July 20, 2025
How to implement Shellcode Injection attack technique with Autoit
Security

How to implement Shellcode Injection attack technique with Autoit

March 14, 2025
How to exploit the holy hole of Hijacking on Windows
Security

How to exploit the holy hole of Hijacking on Windows

March 8, 2025
Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery
Security

Hamamal: Shellcode execution technique from afar to overcome Antivirus's discovery

February 10, 2025
Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile
Security

Snov.io Email Finder: Search emails with only company name/domain name/LinkedIn profile

December 14, 2024
Next Post
Use Iriun to turn your phone camera into a computer Webcam for online learning

Use Iriun to turn your phone camera into a computer Webcam for online learning

0 0 votes
Article Rating
Subscribe
Login
Notify of
guest

guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

Recent News

How to create a Face Sticker Collection using ChatGPT

How to create a Face Sticker Collection using ChatGPT

April 29, 2026
How to install the cute Bongo Cat mouse pointer for Windows

How to install the cute Bongo Cat mouse pointer for Windows

April 29, 2026
Tips for pinning the step counter to the iPhone screen to monitor your health

Tips for pinning the step counter to the iPhone screen to monitor your health

April 28, 2026
How to turn off password suggestions on iPhone: Prevent Safari from auto-filling passwords

How to turn off password suggestions on iPhone: Prevent Safari from auto-filling passwords

April 27, 2026
How to create a Face Sticker Collection using ChatGPT

How to create a Face Sticker Collection using ChatGPT

April 29, 2026
How to install the cute Bongo Cat mouse pointer for Windows

How to install the cute Bongo Cat mouse pointer for Windows

April 29, 2026
Tips for pinning the step counter to the iPhone screen to monitor your health

Tips for pinning the step counter to the iPhone screen to monitor your health

April 28, 2026
AnonyViet - English Version

AnonyViet

AnonyViet is a website share knowledge that you have never learned in school!

We are ready to welcome your comments, as well as your articles sent to AnonyViet.

Follow Us

Contact:

Email: anonyviet.com[@]gmail.com

Main Website: https://anonyviet.com

Recent News

How to create a Face Sticker Collection using ChatGPT

How to create a Face Sticker Collection using ChatGPT

April 29, 2026
How to install the cute Bongo Cat mouse pointer for Windows

How to install the cute Bongo Cat mouse pointer for Windows

April 29, 2026
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply