UNPACME is an automated malware unpacking service. Submissions to UNPACME are analyzed using a set of custom unpacking processes maintained by OpenAnalysis. These processes extract all encrypted or packed payloads from the submission and return a unique set of payloads to the user. In short, UNPACME automates the first step in your malware analysis process.

What We Unpack

UNPACME will only extract packed or encrypted Windows Portable Executable (PE) files that are embedded in the submission. Our unpacking services do not allow the submissions to make network connections, we do not download second stage payloads for droppers or downloaders.

We are continuously developing and expanding our suite of unpacking processes to cover new and difficult packing techniques, however our public unpacking service is limited to extracting full PE payloads only. For access to our private research services, including shell code extraction, and automated de-obfuscation please Contact Us.

Free to Use

UNPACME free for non-commercial use in accordance with our Terms of Service.

All free accounts are rate limited and have a restricted maximum number of submissions each month. For access to a higher submission limit, and commercial use, please see our available Plans and Pricing.

API Access

The UNPACME website is a front end for our unpacking services. We also provide direct API access to our services with on-demand scalability. Documentation for our API can be found here.