📋 Overview

Malware Zipper is a Python utility that safely packages suspected malware samples for analysis by compressing them into password-protected archives that use the industry-standard password "infected". This ensures samples can be transported and stored without accidental execution.

✨ Key Features

  • 🔐 Password Protection: automatically applies the "infected" password (industry standard) to all compressed malware samples
  • 🛡️ Strong Encryption: uses AES-256 encryption via 7z when available for maximum security
  • 🖥️ Cross-Platform: works on Windows, Linux, and macOS with automatic tool detection
  • ⚙️ Multiple Methods: tries 5 different compression methods in order of security strength
  • 🧹 Auto Cleanup: automatically removes temporary files after packaging
  • 📦 Batch Processing: packages multiple files in a single command

๐Ÿ” How It Works

1

Input Files

Accepts malware sample file paths as command-line arguments

2

Tool Detection

Checks for available compression tools on your system

3

Compression

Attempts packaging methods sequentially until one succeeds

4

Encryption

Applies optional encoding layer for weak encryption methods

5

Output

Generates password-protected archive with "_suspicious" suffix

๐Ÿ› ๏ธ Packaging Methods

The tool attempts multiple methods in order of security preference:

1
7z with AES-256 encryption

Most secure option with strong encryption (auto-downloads on Windows if needed)

2
Unix/Linux zip command

Standard encryption using system zip utility

3
pyminizip library

Python library-based compression with encryption

4
PowerShell Compress-Archive

Windows PowerShell compression (with certutil encoding)

5
Python zipfile module

Built-in fallback option (with certutil encoding on Windows)
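The fallback chain from "How It Works" and "Packaging Methods", as an added example written for this page (not the Malware Zipper project's own source): it tries 7z with AES-256, then Info-ZIP's zip, then pyminizip, then Python's zipfile, and base64-encodes the unencrypted zipfile result into a _suspicious.b64 file. The PowerShell method is omitted and Python's base64 module stands in for certutil so the encoding step runs on any OS; all function and file names are assumptions.

```python
import base64, contextlib, io, shutil, subprocess, tempfile, zipfile
from pathlib import Path
PASSWORD = "infected"  # industry-standard password for sharing samples

def _run(cmd):  # True only when the external tool exits 0
    return subprocess.run(cmd, capture_output=True, check=False).returncode == 0

def _7z(src, out):
    exe = next((t for t in ("7z", "7za", "7zz") if shutil.which(t)), None)
    # -tzip keeps a .zip container; -mem=AES256 selects AES instead of ZipCrypto
    return bool(exe) and _run([exe, "a", "-tzip", "-mem=AES256", f"-p{PASSWORD}", str(out), str(src)])

def _zip(src, out):  # Info-ZIP: -P sets a legacy ZipCrypto password, -j drops directory names
    return bool(shutil.which("zip")) and _run(["zip", "-j", "-P", PASSWORD, str(out), str(src)])

def _pyminizip(src, out):
    import pyminizip  # optional dependency; an ImportError simply fails this method
    pyminizip.compress(str(src), None, str(out), PASSWORD, 5)
    return True

def _zipfile(src, out):  # no encryption available: base64-encode the plain zip, then remove it
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.write(src, arcname=src.name)
    out.with_suffix(".b64").write_bytes(base64.encodebytes(out.read_bytes()))
    out.unlink()  # auto cleanup of the unencoded intermediate
    return True

METHODS = {"7z": _7z, "zip": _zip, "pyminizip": _pyminizip, "zipfile": _zipfile}

def package_sample(path, methods=tuple(METHODS)):
    """Try each method in order; return the produced archive path or raise."""
    src = Path(path)
    out = src.with_name(src.stem + "_suspicious.zip")
    for name in methods:
        ok = False
        with contextlib.suppress(Exception):  # missing library or tool error: try the next
            ok = METHODS[name](src, out)
        if ok:
            return out if out.exists() else out.with_suffix(".b64")
    raise RuntimeError("no packaging method succeeded")

def make_demo_sample(directory=None):  # harmless constructed placeholder, not malware
    p = Path(directory or tempfile.mkdtemp()) / "demo.bin"
    p.write_bytes(b"constructed benign placeholder\n")
    return p

def list_encoded_archive(b64_path):  # decode a .b64 output in memory; list inner zip members
    raw = base64.decodebytes(Path(b64_path).read_bytes())
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        return zf.namelist()
```

Calling package_sample(path) with the default method order reproduces the tool's behaviour; passing methods=("zipfile",) forces the encoded fallback so the .b64 output can be inspected with list_encoded_archive.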

📖 Usage

Using Python Script

# Single file
python malware_zipper.py sample.exe

# Multiple files
python malware_zipper.py sample1.exe sample2.dll sample3.bat

# With full path
python malware_zipper.py "C:\Samples\malware.exe"

Using Executable (Windows)

# Single file
malware_zipper.exe sample.exe

# Multiple files
malware_zipper.exe sample1.exe sample2.dll

# Drag and drop files onto the executable also works!

Output

Generated files are named: <filename>_suspicious.zip or <filename>_suspicious.b64 (if encoded)

🚀 Installation

Option 1: Download Executable (Windows)

Download the pre-built executable - no Python required!

Download malware-zipper.exe

Option 2: Use Python Script

# Clone the repository
git clone https://github.com/Prof-GP/Other-Useful-Tools.git
cd Other-Useful-Tools

# Run directly (no dependencies required)
python malware_zipper.py sample.exe

Optional Dependencies

# For enhanced compression (optional)
pip install pyminizip

# 7z is automatically downloaded on Windows
# Linux/macOS users can install via package manager:
# apt-get install p7zip-full  (Debian/Ubuntu)
# brew install p7zip          (macOS)

โš ๏ธ Security Notice

Handle with Care

This tool is designed for malware analysts and security professionals. Always handle suspected malware in isolated environments. The standard password "infected" should be communicated to recipients separately from the archive.

  • Use isolated VMs or sandboxes for analysis
  • Never extract archives on production systems
  • Verify samples with antivirus before and after packaging
  • Follow your organization's malware handling procedures

๐Ÿค Contributing

Contributions are welcome! Feel free to submit issues, fork the repository, and create pull requests.