From 3445aaa0162bbba93b8711e6564bd2aa392da081 Mon Sep 17 00:00:00 2001
From: vm-packages
Date: Mon, 15 Jan 2024 10:31:46 +0000
Subject: [PATCH] Add blobrunner.vm
Closes https://github.com/mandiant/VM-Packages/issues/825.
---
packages/blobrunner.vm/blobrunner.vm.nuspec | 12 ++++++++++++
packages/blobrunner.vm/tools/chocolateyinstall.ps1 | 10 ++++++++++
packages/blobrunner.vm/tools/chocolateyuninstall.ps1 | 7 +++++++
3 files changed, 29 insertions(+)
create mode 100644 packages/blobrunner.vm/blobrunner.vm.nuspec
create mode 100644 packages/blobrunner.vm/tools/chocolateyinstall.ps1
create mode 100644 packages/blobrunner.vm/tools/chocolateyuninstall.ps1
diff --git a/packages/blobrunner.vm/blobrunner.vm.nuspec b/packages/blobrunner.vm/blobrunner.vm.nuspec
new file mode 100644
index 000000000..5873cc7b2
--- /dev/null
+++ b/packages/blobrunner.vm/blobrunner.vm.nuspec
@@ -0,0 +1,12 @@
+
+
+
+ blobrunner.vm
+ 0.0.5
+ OALabs
+ BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis.
+
+
+
+
+
diff --git a/packages/blobrunner.vm/tools/chocolateyinstall.ps1 b/packages/blobrunner.vm/tools/chocolateyinstall.ps1
new file mode 100644
index 000000000..0fbc0d2db
--- /dev/null
+++ b/packages/blobrunner.vm/tools/chocolateyinstall.ps1
@@ -0,0 +1,10 @@
+$ErrorActionPreference = 'Stop'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'blobrunner'
+$category = 'Utilities'
+
+$zipUrl = 'https://github.com/OALabs/BlobRunner/releases/download/v0.0.5/blobrunner.zip'
+$zipSha256 = '369ed39086e40fe9ae5404b52cafe0a9b747abb11f2d33d73e5a51097d0ae2a4'
+
+VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -consoleApp $true -innerFolder $false
diff --git a/packages/blobrunner.vm/tools/chocolateyuninstall.ps1 b/packages/blobrunner.vm/tools/chocolateyuninstall.ps1
new file mode 100644
index 000000000..86f67fbe3
--- /dev/null
+++ b/packages/blobrunner.vm/tools/chocolateyuninstall.ps1
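Review bot: In chocolateyinstall.ps1, `$zipSha256` is the only thing tying this package to the upstream artifact, and nothing in the patch records where the digest was obtained. Because the commit is authored by the packaging account, the value was presumably computed from the same URL when the package was generated; that pins later downloads to the first fetch but does not by itself show the first fetch was the publisher's file, so it is worth comparing the digest once against an independently obtained copy of the v0.0.5 release before merging. The release tag also appears in both `$zipUrl` and the nuspec version, so I would add a comment above the two variables, e.g. `# SHA-256 of blobrunner.zip from the v0.0.5 release; update together with $zipUrl and the nuspec version`.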
@@ -0,0 +1,7 @@
+$ErrorActionPreference = 'Continue'
+Import-Module vm.common -Force -DisableNameChecking
+
+$toolName = 'blobrunner'
+$category = 'Utilities'
+
+VM-Uninstall $toolName $category