Quick Unpack is a generic unpacker that facilitates the unpacking process.
- Download link: https://dl.dropboxusercontent.com/u/10761700/Quick_Unpack_2.2.Tool.tPORt.rar
- Mirror: http://dfiles.eu/files/7w625zzad
Let's take the following malware:
C:\Documents and Settings\malware\Bureau>md5sum windowsxp2.exe f04cb834ac843ad08a1a5c17e4f67ba3 *windowsxp2.exe
Once you have opened Quick Unpack, click on the "Open file" to select your executable and then click on the ">" icon as follows:
There are 2 methods but the first one (Force OEP) should work just fine for our case. Then check the "use force unpacking" option and click "Full unpack".
After a short while, you should see following screen:
At this stage, Quick Unpack will attempt to automatically fix the PE headers and will save the unpacked executable under the name originalname__.exe if the original file was originalname.exe.