{ "info": { "author": "Un{i}packer Team", "author_email": "masrepus97@gmail.com", "bugtrack_url": null, "classifiers": [], "description": "_ _ __ _ __ _\n | | | | / / (_) \\ \\ | |\n | | | |_ __ | | _ | | _ __ __ _ ___| | _____ _ __\n | | | | '_ \\/ / | | \\ \\ '_ \\ / _` |/ __| |/ / _ \\ '__|\n | |_| | | | \\ \\ | | / / |_) | (_| | (__| < __/ |\n \\___/|_| |_|| | |_| | || .__/ \\__,_|\\___|_|\\_\\___|_|\n \\_\\ /_/ | |\n |_|\n\n# Un{i}packer [![PyPI: unipacker](https://badge.fury.io/py/unipacker.svg)](https://pypi.org/project/unipacker/) [![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/vfsrfs/unipacker.svg)](https://hub.docker.com/r/vfsrfs/unipacker)\n\n| | |\n|---|---|\n| Master | [![Build Status](https://travis-ci.org/unipacker/unipacker.svg?branch=master)](https://travis-ci.org/unipacker/unipacker) |\n| Dev | [![Build Status](https://travis-ci.org/unipacker/unipacker.svg?branch=dev)](https://travis-ci.org/unipacker/unipacker) |\n\n## Unpacking PE files using Unicorn Engine\n\nThe usage of runtime packers by malware authors is very common, as it is a technique that helps to hinder analysis.\nFurthermore, packers are a challenge for antivirus products, as they make it impossible to identify malware by signatures\nor hashes alone.\n\nIn order to be able to analyze a packed malware sample, it is often required to unpack the binary. Usually this means,\nthat the analyst will have to manually unpack the binary by using dynamic analysis techniques (Tools: OllyDbg, x64Dbg).\nThere are also some approaches for automatic unpacking, but they are all only available for Windows. Therefore when\ntargeting a packed Windows malware the analyst will require a Windows machine. The goal of our project is to enable\nplatform independent automatic unpacking by using emulation that yields runnable Windows binaries.\n\n## Fully supported packers\n\n- **[ASPack](http://www.aspack.com/)**: Advanced commercial packer with a high compression ratio\n- **[FSG](https://www.aldeid.com/wiki/Category:Digital-Forensics/Computer-Forensics/Anti-Reverse-Engineering/Packers/FSG)**: Freeware, fast to unpack\n- **[MEW](https://www.softpedia.com/get/Programming/Packers-Crypters-Protectors/MEW-SE.shtml)**: Specifically designed for small binaries\n- **[MPRESS](http://www.matcode.com/mpress.htm)**: Free, more complex packer\n- **[PEtite](https://www.un4seen.com/petite/)**: Freeware packer, similar to ASPack\n- **[UPX](https://github.com/upx/upx)**: Cross-platform, open source packer\n- **YZPack**\n\n## Other packers\nAny other packers should work as well, as long as the needed API functions are implemented in Un{i}packer. For packers that\naren't specifically known you will be asked whether you would like to manually specify the start and end addresses for emulation.\nIf you would like to start at the entry point declared in the PE header and just emulate until section hopping is detected,\npress ```Enter```\n\n## Usage\n### Normal installation\nInstall the [YARA](https://github.com/VirusTotal/yara) package for your OS, get Un{i}packer from PyPi and start it using the automatically created command line wrapper:\n```\npip3 install unipacker\nunipacker\n```\nFor detailed instructions on how to use Un{i}packer please refer to the [Wiki](https://github.com/unipacker/unipacker/wiki).\nAdditionally, all of the shell commands are documented. To access this information, use the ```help``` command\n\n### Development mode installation\nClone the repository, and inside the project root folder activate development mode using ```pip3 install -e .```\n\n### Using Docker\nYou can also use the provided Dockerfile to run a containerized version of Un{i}packer:\n```\ndocker run -it -v ~/local_samples:/root/unipacker/local_samples vfsrfs/unipacker\n```\nAssuming you have a folder called ```local_samples``` in your home directory, this will be mounted inside the container.\nUn{i}packer will thus be able to access those binaries via ```/root/unipacker/local_samples```\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/unipacker/unipacker", "keywords": "", "license": "GPL-2.0", "maintainer": "", "maintainer_email": "", "name": "unipacker", "package_url": "https://pypi.org/project/unipacker/", "platform": "", "project_url": "https://pypi.org/project/unipacker/", "project_urls": { "Homepage": "https://github.com/unipacker/unipacker" }, "release_url": "https://pypi.org/project/unipacker/1.0.3/", "requires_dist": [ "yara-python", "pefile", "cmd2 (==0.9.12)", "unicorn-unipacker (==1.0.3b7)", "gnureadline ; platform_system == \"Darwin\"", "pyreadline ; platform_system == \"Windows\"" ], "requires_python": ">=3.6", "summary": "Automatic and platform-independent unpacker for Windows binaries based on emulation", "version": "1.0.3" }, "last_serial": 5913660, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "a6623db9f121a8f4bd5f82ff85500721", "sha256": "bf732f964b61e924155ca63f6c9ebd8b26fbb5b8be215d35ceb3bfda2fb9500d" }, "downloads": -1, "filename": "unipacker-0.0.1.tar.gz", "has_sig": false, "md5_digest": "a6623db9f121a8f4bd5f82ff85500721", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 40729, "upload_time": "2019-05-22T21:01:38", "url": "https://files.pythonhosted.org/packages/10/56/348ba331b505200faf1d0b981c801d5dc3c0ce8106de444cc649a3b8db0c/unipacker-0.0.1.tar.gz" } ], "0.0.2": [ { "comment_text": "", "digests": { "md5": "55f23d810b6723da1f3cd79823495a75", "sha256": "2a5e2beafc558ad5cbda2ade0603dd33c945a94ab35c1ed4882b10a0ade18586" }, "downloads": -1, "filename": "unipacker-0.0.2-py3-none-any.whl", "has_sig": false, "md5_digest": "55f23d810b6723da1f3cd79823495a75", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3723988, "upload_time": "2019-05-22T22:39:50", "url": "https://files.pythonhosted.org/packages/03/55/6a478a0d4b4549d5b25bd6dda35744d776a6104bde50f7e5112d1fae5023/unipacker-0.0.2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "5e3a085304b61653edc6ea0f58222f7b", "sha256": "46cda9a164329c1f488e48db13aab19c3749abd8eb0f39c1d0ed4bb5ff566754" }, "downloads": -1, "filename": "unipacker-0.0.2.tar.gz", "has_sig": false, "md5_digest": "5e3a085304b61653edc6ea0f58222f7b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 33972, "upload_time": "2019-05-22T22:39:51", "url": "https://files.pythonhosted.org/packages/76/06/797bc8ebd28c6dab300fa2a90707a6bed9df7567ed7d5c8e0d21f96eaae3/unipacker-0.0.2.tar.gz" } ], "0.0.3": [ { "comment_text": "", "digests": { "md5": "22a0638a7852c6d65a3513723a2d3555", "sha256": "56775b66f95b3cd2fcc89afd4c75ed02e0d82c5edd6362c83c1b8720d646892b" }, "downloads": -1, "filename": "unipacker-0.0.3-py3-none-any.whl", "has_sig": false, "md5_digest": "22a0638a7852c6d65a3513723a2d3555", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3723990, "upload_time": "2019-05-23T16:09:25", "url": "https://files.pythonhosted.org/packages/b5/11/68fe4f77f29bc7b3410172353f127f2224f7a29ea3cd74e1f701532c1e8d/unipacker-0.0.3-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "f15dbe75abaa0a1be0ae3dffc3a812d0", "sha256": "5944a7836f7b5523f53f97acd0e22e5f91ccb0b8b9f7a6700508edcb5b4810df" }, "downloads": -1, "filename": "unipacker-0.0.3.tar.gz", "has_sig": false, "md5_digest": "f15dbe75abaa0a1be0ae3dffc3a812d0", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 33974, "upload_time": "2019-05-23T16:09:26", "url": "https://files.pythonhosted.org/packages/67/c0/68cbe918f0fb7b6c9652193a57f4400c5bb7c26c20285fcd1d9c3c725763/unipacker-0.0.3.tar.gz" } ], "0.0.4": [ { "comment_text": "", "digests": { "md5": "647cb7753bc00b424d6c86e22ac9df42", "sha256": "a9ef00379470a3c21ed8da55daee53da4f2c40eda57acab2c9edeacdad99b3e5" }, "downloads": -1, "filename": "unipacker-0.0.4-py3-none-any.whl", "has_sig": false, "md5_digest": "647cb7753bc00b424d6c86e22ac9df42", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3723988, "upload_time": "2019-05-23T16:31:39", "url": "https://files.pythonhosted.org/packages/a7/38/61cc455ddb6bd0196a33b06de2dab22ca317a8e0935c6cc8e53631a40423/unipacker-0.0.4-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "91c6d844ee474649ff6605091e5b11f1", "sha256": "5ec7da943afa07aec8bc7c2f49bca735bf3b3b3a2af2aee2dd4a1b094745c17d" }, "downloads": -1, "filename": "unipacker-0.0.4.tar.gz", "has_sig": false, "md5_digest": "91c6d844ee474649ff6605091e5b11f1", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3709422, "upload_time": "2019-05-23T16:31:41", "url": "https://files.pythonhosted.org/packages/31/47/419ffd04e27a8df0a53f79a6d155abb0c2fc46b2c0ae28a2ad49ecd1c54f/unipacker-0.0.4.tar.gz" } ], "0.0.5": [ { "comment_text": "", "digests": { "md5": "832b6369936a51b4b6b05432365acb37", "sha256": "522e87e3b1fd9308239c353f2a33d125ee4b35710f022e5503c37732df0b791f" }, "downloads": -1, "filename": "unipacker-0.0.5-py3-none-any.whl", "has_sig": false, "md5_digest": "832b6369936a51b4b6b05432365acb37", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3723988, "upload_time": "2019-05-23T16:53:58", "url": "https://files.pythonhosted.org/packages/aa/63/9b6e1900a6cecb144cf09a16158671c133369874a355106b2fa3def95de9/unipacker-0.0.5-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "47464620d60b2219963da91b14332f2d", "sha256": "801c57e162bd91272d97ce222712d39e8ffd194bb0a894a18f2fe2fdc361c456" }, "downloads": -1, "filename": "unipacker-0.0.5.tar.gz", "has_sig": false, "md5_digest": "47464620d60b2219963da91b14332f2d", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3709432, "upload_time": "2019-05-23T16:54:01", "url": "https://files.pythonhosted.org/packages/45/1f/30385ade199ba72fa7f35aac5267444c1bb28f018e321efe114c7e7a733f/unipacker-0.0.5.tar.gz" } ], "1.0.0": [ { "comment_text": "", "digests": { "md5": "2fb965817579c4bb45d61400b58a48d5", "sha256": "eda1b878f9c46972ec3826fc4d07e92bb370b9779df998e5b39f577a78ac2b82" }, "downloads": -1, "filename": "unipacker-1.0.0-py3-none-any.whl", "has_sig": false, "md5_digest": "2fb965817579c4bb45d61400b58a48d5", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3725290, "upload_time": "2019-06-03T17:54:43", "url": "https://files.pythonhosted.org/packages/98/ac/0f1a642f09ebcab327c14e51f2c8002162ad2bd85135b015dcaacc209c40/unipacker-1.0.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "8923179f8d0872a9e64137244b8b3ee5", "sha256": "539f7dae2c906cae7a7dbea5864b76b162411822141a1f2acbd355a169c0a35d" }, "downloads": -1, "filename": "unipacker-1.0.0.tar.gz", "has_sig": false, "md5_digest": "8923179f8d0872a9e64137244b8b3ee5", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3710577, "upload_time": "2019-06-03T17:54:45", "url": "https://files.pythonhosted.org/packages/2c/9a/49c354a4e4ebfd447abf5ce1b9f5f87cdbc79e94df5734cb9f95cfbc935b/unipacker-1.0.0.tar.gz" } ], "1.0.1": [ { "comment_text": "", "digests": { "md5": "8b690d05bf245708ae359c73d1fed3d8", "sha256": "87fe2999a0eb8451d3c48af1f7c0aaecdfd10570c8049f78f438039aadcd2505" }, "downloads": -1, "filename": "unipacker-1.0.1-py3-none-any.whl", "has_sig": false, "md5_digest": "8b690d05bf245708ae359c73d1fed3d8", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3726824, "upload_time": "2019-06-17T07:40:22", "url": "https://files.pythonhosted.org/packages/0d/a9/f056639a41a632e520e652f69bac54a24b7447d95fb1c0d2c00d6984f7c8/unipacker-1.0.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "9965e0a0d4b1b8d58120cc22891212e5", "sha256": "96d081d11b5ad79ff510502c7551ce9a930bd486e04de016ca0fc63f8d3e938f" }, "downloads": -1, "filename": "unipacker-1.0.1.tar.gz", "has_sig": false, "md5_digest": "9965e0a0d4b1b8d58120cc22891212e5", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3711770, "upload_time": "2019-06-17T07:40:25", "url": "https://files.pythonhosted.org/packages/d1/81/491dea15a1a5096e872d4ff950791bfb7e89b68df2dd303c0ff1f518b04a/unipacker-1.0.1.tar.gz" } ], "1.0.2": [ { "comment_text": "", "digests": { "md5": "692ede878093277a8fea51db72a49e1a", "sha256": "4c34a0452ca5244f69f648fa6417e4eba4ff52f668833835c3f0723f3fca4364" }, "downloads": -1, "filename": "unipacker-1.0.2-py3-none-any.whl", "has_sig": false, "md5_digest": "692ede878093277a8fea51db72a49e1a", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3727021, "upload_time": "2019-09-24T11:32:11", "url": "https://files.pythonhosted.org/packages/85/8e/d87b69c887314d0ec18421ff79b879832f2ec51d7b73469215ee2e439523/unipacker-1.0.2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "a9cb5e1275282fe3e64d76d6b2758d31", "sha256": "93620545e540528c61db9f6bccdb96d510e72692ff5dbf828526f25690d1e18d" }, "downloads": -1, "filename": "unipacker-1.0.2.tar.gz", "has_sig": false, "md5_digest": "a9cb5e1275282fe3e64d76d6b2758d31", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3711969, "upload_time": "2019-09-24T11:32:13", "url": "https://files.pythonhosted.org/packages/f6/f1/dea598c118223421a9ce495832595639d6fdf3b94b35c3b29b244dfb17a7/unipacker-1.0.2.tar.gz" } ], "1.0.3": [ { "comment_text": "", "digests": { "md5": "1a65a5f14a3b7356291a5c1445fddc71", "sha256": "15e62d689a9f2e89d6c19ee3daec2e0feaeb998ec8ac5e313c52fa58342fb327" }, "downloads": -1, "filename": "unipacker-1.0.3-py3-none-any.whl", "has_sig": false, "md5_digest": "1a65a5f14a3b7356291a5c1445fddc71", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3727028, "upload_time": "2019-10-01T16:41:04", "url": "https://files.pythonhosted.org/packages/71/ff/604a2e01af7bac85d4cae260beb0b3e6de463fc2b7888e3d4d64b41bff4f/unipacker-1.0.3-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "46b1d304fe6040098e2893642cc3225a", "sha256": "b83e6e814332ef21c557b934e292e5467309663e1b104fcedfaf7d10b902207f" }, "downloads": -1, "filename": "unipacker-1.0.3.tar.gz", "has_sig": false, "md5_digest": "46b1d304fe6040098e2893642cc3225a", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3711979, "upload_time": "2019-10-01T16:41:07", "url": "https://files.pythonhosted.org/packages/f4/30/54e03d685f51829272e769d00e7b76a154b98b393c629f40309ff85f7454/unipacker-1.0.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "1a65a5f14a3b7356291a5c1445fddc71", "sha256": "15e62d689a9f2e89d6c19ee3daec2e0feaeb998ec8ac5e313c52fa58342fb327" }, "downloads": -1, "filename": "unipacker-1.0.3-py3-none-any.whl", "has_sig": false, "md5_digest": "1a65a5f14a3b7356291a5c1445fddc71", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.6", "size": 3727028, "upload_time": "2019-10-01T16:41:04", "url": "https://files.pythonhosted.org/packages/71/ff/604a2e01af7bac85d4cae260beb0b3e6de463fc2b7888e3d4d64b41bff4f/unipacker-1.0.3-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "46b1d304fe6040098e2893642cc3225a", "sha256": "b83e6e814332ef21c557b934e292e5467309663e1b104fcedfaf7d10b902207f" }, "downloads": -1, "filename": "unipacker-1.0.3.tar.gz", "has_sig": false, "md5_digest": "46b1d304fe6040098e2893642cc3225a", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.6", "size": 3711979, "upload_time": "2019-10-01T16:41:07", "url": "https://files.pythonhosted.org/packages/f4/30/54e03d685f51829272e769d00e7b76a154b98b393c629f40309ff85f7454/unipacker-1.0.3.tar.gz" } ] }