Skip to content

Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.

License

Notifications You must be signed in to change notification settings

DissectMalware/batch_deobfuscator

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Introduction

By using this python script, you can deobfuscate a batch script that is obfuscated with string substitution and escape character techniques.

Running the script

To run the script

python  batch_interpreter.py --file c:\test\obfuscated_file.bat

* The code was written in a hurry and needs a major refactoring. Please stay tuned.

Use as a lib

from batch_deobfuscator.batch_interpreter import BatchDeobfuscator,handle_bat_file
deobfuscator = BatchDeobfuscator()
itsthewine=handle_bat_file(deobfuscator,'/home/petersichel/comfortable_study/newyorktownhouse.bat')

About

Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages