Home

Awesome

mal_unpack

Build status Codacy Badge Commit activity Last Commit

GitHub release GitHub release date Github All Releases Github Latest Release

License Platform Badge

Dynamic unpacker based on PE-sieve.<br/> It deploys a packed malware, waits for it to unpack the payload, dumps the payload, and kills the original process.</b>

📖 Read more on PE-sieve's Wiki. <br/>

Usage

mal_unpack.exe /exe <path_to_the_malware> /timeout <timeout: ms>

WARNING: This unpacker deploys the original malware. Use it only on a VirtualMachine.

ℹ For the best performance, install MalUnpackCompanion driver.

ℹ Check also the python wrapper: MalUnpack Runner

ℹ Check the python Library: MalUnpack Lib

Clone

Use recursive clone to get the repo together with submodules:

git clone --recursive https://github.com/hasherezade/mal_unpack.git

Builds

Download the latest release.