Python 3 script unpacking statically x86 CryptOne packer

Dec 03, 2021 1 min read

de-CryptOne v.2

Is a python 3 script which unpacks statically x86 samples packed with CryptOne packer versions from 2021/08 until now (2021/12).

Usage

~$ python3 decrypt1v2.py sample.bin

Example

Requirements (Latest tested)

Yara, Version 3.9.0
yara-python, Version 4.1.0
pefile, Version 2021.5.24

Support

In case some files are not working, please make sure it is packed with CryptOne, if yes please provide me the hash in a DM ().

Also, if you managed to obtain a x64 sample please send me over to add support.

Enjoy while unpacking ?

GitHub

View Github

Scripts

John was the first writer to have joined pythonawesome.com. He has since then inculcated very effective writing and reviewing culture at pythonawesome which rivals have found impossible to imitate.

Python 3 script unpacking statically x86 CryptOne packer

de-CryptOne v.2

Usage

Example

Requirements (Latest tested)

Support

GitHub

John

A method used by most of the real-time network to split the packets into different paths rather than transferring it through a single path

Stream comments, submissions from subreddits and users across reddit right in your terminal

de-CryptOne v.2

Usage

Example

Requirements (Latest tested)

Support

GitHub

A method used by most of the real-time network to split the packets into different paths rather than transferring it through a single path

Stream comments, submissions from subreddits and users across reddit right in your terminal

You might also like...