Enigma Virtual Box Unpacker / 解包工具
Project description
evbunpack
Enigma Virtual Box unpacker
Features
- Executable unpacking
- TLS, Exceptions, Import Tables and Relocs are recovered
- Executables with Overlays can be restored as well
- Enigma loader DLLs and extra data added by the packer is stripped
- Virtual Box Files unpacking
- Supports both built-in files and external packages
- Supports compressed mode
Tested Versions
Packer Version | Notes | Unpack with Flags |
---|---|---|
10.70 | Automatically tested in CI for x86/x64 binaries. | None |
9.60 | Limited testing. | --legacy-pe |
7.80 | Automatically tested in CI for x86/x64 binaries | --legacy-fs --legacy-pe |
Installation
For Windows Users : Builds are available here
Or get the latest version from PyPi:
pip install evbunpack
Usage
usage: evbunpack [-h] [--log-level {DEBUG,INFO,WARNING,ERROR,CRITICAL}] [-l] [--ignore-fs] [--ignore-pe] [--legacy-fs] [--legacy-pe] [--out-dir OUT_DIR] [--out-pe OUT_PE] file
Enigma Virtual Box Unpacker
options:
-h, --help show this help message and exit
--log-level {DEBUG,INFO,WARNING,ERROR,CRITICAL}
Set log level
Flags:
-l, --list Don't extract the files and print the table of content to stderr only
--ignore-fs Don't extract virtual filesystem
--ignore-pe Don't restore the executable
--legacy-fs Use legacy mode for filesystem extraction
--legacy-pe Use legacy mode for PE restoration
Output:
--out-dir OUT_DIR Output folder
--out-pe OUT_PE (If the executable is to be recovered) Where the unpacked EXE is saved. Leave as-is to save it in the output folder.
Input:
file File to be unpacked
Credits
License
Apache 2.0 License
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
evbunpack-0.2.0.tar.gz
(14.7 kB
view hashes)
Built Distribution
evbunpack-0.2.0-py3-none-any.whl
(15.2 kB
view hashes)
Close
Hashes for evbunpack-0.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ca209ff603825aa0dfafea5cdfb64d5e4647bbda1b11bf28254724e7021c13df |
|
MD5 | 17f2c50cbfa374bafca1953144e92e17 |
|
BLAKE2b-256 | bfafb601e2bf9028869e8d8a9a4ebd971d5541e0cad1dccca155ecdfcb845459 |