A dynamic malware unpacker based on Intel Pin and PE-sieve (deploys PE-sieve scan on specific triggers). Caution: during the process the malware will be deployed. Use it on a VM only.
WARNING: this is an experimental version
How to build?
- Clone this repo into \source\tools that is inside your Pin root directory.
- Open the project in Visual Studio.
- Modify the file my_paths.h, and set the path to _WINDOWS_H_PATH_, appropriate to your environment.
- The other installation steps are analogous to the ones explained in this Wiki.