"MalCfgParser" is a malware configuration parsing tool for incident response analysts and malware researchers. Malware detection and analysis evasion is a cat-and-mouse game between analysts and malware authors. The attackers apply diverse landing mechanisms or obfuscation techniques to cloak their backdoors. It is imperative to adopt automated analysis to handle these rapidly changing malware. In this talk, we present "MalCfgParser", which dives into memory to perform automatic and brute-force parsing to extract the malware configuration. Malware configurations expose C&C servers, encryption key, campaign code, installation path or mutex name. It helps analysts or enterprise to produce a more complete vision to threat. The MalCfgParser operate standalone for manually analysis, integrate with a sandbox, or any memory forensics tools. It is designed to be a flexible framework that every malware researcher could contribute their knowledge of a specific malware family, and easily add configuration settings to enhance its power. We believe the above scenarios and operated modes serve the needs for people fighting with malware, including malware researchers, forensic or incident response. Lastly, we will have a live demo for both standalone and integration with TeamT5 product with several notorious APT malware, or crimeware.