karton-retdec-unpacker

This module leverages AVAST's ReTDec unpacking module for processing UPX payloads.

Consumes

{
    "type": "sample",
    "stage": "recognized"
}

Produces

{   
    "type": "sample",
    "kind": "raw"
}

A custom tag stage:unpacked will also be attached to unpacked children.

Relations example

In the example below, the original sample (Aut2Exe + UPX) 01938b56e0d22320, gets unpacked by karton-retdec-unpacker, generating child 8171b20c21801b74. 1e80b088f79a8b61 is generated by karton-autoit-ripper

Setup and configuration

Dependencies

$ curl -s https://api.github.com/repos/avast/retdec/releases/latest | grep browser_download_url | awk -F"\":" '{print $2}' | tr -d "\"" | grep ubuntu | wget -q --show-progress -i -
# e.g. retdec-v4.0-ubuntu-64b.tar.xz
$ tar xvf retdec-v4.0-ubuntu-64b.tar.xz
$ cd retdec/bin
$ sudo ln -s retdec-unpacker.py /usr/local/bin/retdec-unpacker

Module install

$ git clone https://github.com/raw-data/karton-retdec-unpacker/
$ cd karton-retdec-unpacker/
$ python3 -m venv .venv
$ source .venv/bin/active
$ pip install .

$ karton-retdec-unpacker

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
docs		docs
karton/retdec_unpacker		karton/retdec_unpacker
.gitignore		.gitignore
README.md		README.md
requirements.txt		requirements.txt
setup.py		setup.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

karton-retdec-unpacker

Consumes

Produces

Relations example

Setup and configuration

Dependencies

Module install

About

Releases

Packages

Languages

raw-data/karton-retdec-unpacker

Folders and files

Latest commit

History

Repository files navigation

karton-retdec-unpacker

Consumes

Produces

Relations example

Setup and configuration

Dependencies

Module install

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages