Unpacker Wiki - malwaremusings/unpacker GitHub Wiki

Welcome to the wiki for my automated unpacking script, which really needs a better name. I developed the script while I was developing my reverse engineering skills (and had more time on my hands) and, being a fan of automation, set out to see if I could automate some useful malware analysis processes.

More detection and extraction functionality has been added as I’ve thought about it, or come across a requirement for it.

Prerequisites

  • Python 2 for Windows (WinAppDbg isn’t going to run on Python 3, which saves me from migrating my script to Python 3)

  • WinAppDbg — a Python wrapper around the Win32 debugging API, and scriptable debugger

    • A Python disassembly library

Installation

There isn’t an installer yet. I was thinking it might be nice to make an installer for it, so that it shows up as an installed application on Windows, but it is only one file.

  1. Copy the unpack.py file to the target host

Running

python <path>\unpack.py <exefile>
