PackerAttacker

Here you can post new software developed by you.
Software news and new software launch.

Post Number:#1  Postby rukov » 14 Oct 2015 11:34

The Packer Attacker is a generic hidden code extractor for Windows malware. It supports the following types of packers:

Running from heap
Replacing PE header
Injecting in a process

The Packer Attacker is based on Microsoft Detours.

Compilation

Compile with Microsoft C++ 2010 and Detours library. You'll have two files:

PackerAttackerHook.dll - unpacking engine
PackerAttacker.exe - DLL injector that executes malware and injects PackerAttackerHook.dll

Setting up

Create folder C:\dumps - all the extracted hidden code will be saved there
Put PackerAttacker.exe and PackerAttackerHook.dll to %PATH%
If it's a clean machine you're going to need MSVC++ redistributable

Usage

PackerAttacker.exe

Misc

Currently only PE EXE files are supported.

