Uses AutoIt-Ripper to automatically extract embedded AutoIt scripts and resources from compiled binaries.
Author: CERT.pl
Maintainers: nazywam
Consumes:
{
    "type": "sample",
    "stage": "recognized",
    "kind": "runnable",
    "platform": "win32"
}, {
    "type": "sample",
    "stage": "recognized",
    "kind": "runnable",
    "platform": "win64"
}
Produces:
{
    "type": "sample",
    "kind": "raw"
}, {
    "type": "sample",
    "kind": "script",
    "stage": "analyzed",
    "extension": "au3"
}
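To check why a given sample is or is not routed to this service, the added example below (not part of the karton-autoit-ripper code) models Karton header routing as exact match only, using the Consumes filters listed above. The function names are hypothetical and the sample task headers are constructed.

```python
# Added example: simplified, exact-match model of Karton header routing.
# Filters copied from the "Consumes" section of this README.
CONSUMES = [
    {"type": "sample", "stage": "recognized", "kind": "runnable", "platform": "win32"},
    {"type": "sample", "stage": "recognized", "kind": "runnable", "platform": "win64"},
]


def mismatches(headers, flt):
    """Return {key: (expected, actual)} for every filter key the task fails."""
    return {k: (v, headers.get(k)) for k, v in flt.items() if headers.get(k) != v}


def is_consumed(headers, filters=CONSUMES):
    """A task is routed to the service if any one filter matches completely."""
    return any(not mismatches(headers, f) for f in filters)


def explain(headers, filters=CONSUMES):
    """Mismatches against the closest filter; an empty dict means consumed."""
    return min((mismatches(headers, f) for f in filters), key=len)


# Constructed task headers, not taken from a real pipeline.
SAMPLES = {
    # Extra headers such as "extension" do not prevent a match.
    "win32 exe": {"type": "sample", "stage": "recognized", "kind": "runnable",
                  "platform": "win32", "extension": "exe"},
    "linux elf": {"type": "sample", "stage": "recognized", "kind": "runnable",
                  "platform": "linux"},
    # Not yet classified: no "stage" or "platform" header.
    "unclassified": {"type": "sample", "kind": "raw"},
    # Shape of the script task this service produces.
    "extracted au3": {"type": "sample", "kind": "script", "stage": "analyzed",
                      "extension": "au3"},
}

if __name__ == "__main__":
    for name, headers in SAMPLES.items():
        verdict = "consumed" if is_consumed(headers) else "skipped"
        print(f"{name:14} {verdict:9} {explain(headers)}")
```

The last sample shows that the produced au3 script task does not match the service's own filters, so the extractor does not re-consume its own output.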
First of all, make sure you have set up the core system: https://github.com/CERT-Polska/karton
Then install karton-autoit-ripper from PyPI:
$ pip install karton-autoit-ripper
$ karton-autoit-ripper