Myapp malware crypter – static unpacker

Malware won’t die unless you help it..

Ok this is gonna be a rather short one, For those into analyzing malware might have noticed a pretty common crypter is floating around. I call it the ‘Myapp’ since the binary’s contains a string ‘c:\myapp.exe’. after the analyzing the stub i noticed it’s kinda easy to write a static unpacker for for(it uses a modified RC4 encryption)


The unpacker

source code :
I have tested it over many binary’s and always with success so now it’s time to share this, use it on your own risk!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s