From 3e2d4e2c17894f4dabfa5f38569a9eb8c49e376e Mon Sep 17 00:00:00 2001
From: vm-packages
Date: Mon, 15 Jan 2024 10:27:36 +0000
Subject: [PATCH] Add blobrunner64.vm
Closes https://github.com/mandiant/VM-Packages/issues/826.
---
packages/blobrunner64.vm/blobrunner64.vm.nuspec | 12 ++++++++++++
packages/blobrunner64.vm/tools/chocolateyinstall.ps1 | 10 ++++++++++
.../blobrunner64.vm/tools/chocolateyuninstall.ps1 | 7 +++++++
3 files changed, 29 insertions(+)
create mode 100644 packages/blobrunner64.vm/blobrunner64.vm.nuspec
create mode 100644 packages/blobrunner64.vm/tools/chocolateyinstall.ps1
create mode 100644 packages/blobrunner64.vm/tools/chocolateyuninstall.ps1
diff --git a/packages/blobrunner64.vm/blobrunner64.vm.nuspec b/packages/blobrunner64.vm/blobrunner64.vm.nuspec
new file mode 100644
index 000000000..7fb718012
--- /dev/null
+++ b/packages/blobrunner64.vm/blobrunner64.vm.nuspec
@@ -0,0 +1,12 @@
+
+
+
+ blobrunner64.vm
+ 0.0.5
+ OALabs
+ BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.
+
+
+
+
+
diff --git a/packages/blobrunner64.vm/tools/chocolateyinstall.ps1 b/packages/blobrunner64.vm/tools/chocolateyinstall.ps1
new file mode 100644
index 000000000..5228dc0a2
--- /dev/null
+++ b/packages/blobrunner64.vm/tools/chocolateyinstall.ps1
@@ -0,0 +1,10 @@
+$ErrorActionPreference = 'Stop'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'blobrunner64'
+$category = 'Utilities'
+
+$zipUrl = 'https://github.com/OALabs/BlobRunner/releases/download/v0.0.5/blobrunner64.zip'
+$zipSha256 = '325e3e26ccdce53cdd8b6665c7ed7d1765fc1c56cd088a5b4433593682c9f503'
+
+VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -consoleApp $true -innerFolder $false
diff --git a/packages/blobrunner64.vm/tools/chocolateyuninstall.ps1 b/packages/blobrunner64.vm/tools/chocolateyuninstall.ps1
new file mode 100644
index 000000000..9b17501a7
--- /dev/null
+++ b/packages/blobrunner64.vm/tools/chocolateyuninstall.ps1
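Review bot: In packages/blobrunner64.vm/tools/chocolateyinstall.ps1 the release tag `v0.0.5` inside `$zipUrl`, the digest in `$zipSha256` and the version in the nuspec are three separate literals with nothing noting that they must change together. The pinned SHA-256 is what ties the install to one specific release asset, so a later bump that edits the URL but not the hash should fail closed. `VM-Install-From-Zip` comes from vm.common and is not visible in this patch, so it is worth confirming that it aborts on a digest mismatch rather than warning. I would add a comment above the two assignments, for example `# SHA-256 of the v0.0.5 release asset; update together with $zipUrl and the nuspec version`.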
@@ -0,0 +1,7 @@
+$ErrorActionPreference = 'Continue'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'blobrunner64'
+$category = 'Utilities'
+
+VM-Uninstall $toolName $category