├── .gitignore
├── README.md
├── bits.py
├── crypto.py
├── deobfuscator
    ├── __init__.py
    ├── assets
    │   ├── hashes.mlwr.csv
    │   ├── template.exe
    │   ├── test.csv
    │   └── winlibs.mlwrhash.csv
    ├── commons.py
    ├── libs
    │   ├── __init__.py
    │   └── sections.py
    ├── nymaim_cli.py
    ├── rebuild.py
    └── rules
    │   ├── __init__.py
    │   ├── nymaim.py
    │   └── nymaim_base.py
├── keys.py
├── lib
    ├── _serpent.c
    ├── aplib.so
    └── serpent.so
├── libs
    ├── __init__.py
    ├── misc.py
    └── stream.py
├── nymaim.py
├── nymaimlib.py
├── nymcfglib.py
├── nymcnclib.py
├── pcapextract.py
└── printer.py


/.gitignore:
--------------------------------------------------------------------------------
1 | .idea
2 | *.pyc
3 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/README.md


--------------------------------------------------------------------------------
/bits.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/bits.py


--------------------------------------------------------------------------------
/crypto.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/crypto.py


--------------------------------------------------------------------------------
/deobfuscator/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/deobfuscator/assets/hashes.mlwr.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/assets/hashes.mlwr.csv


--------------------------------------------------------------------------------
/deobfuscator/assets/template.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/assets/template.exe


--------------------------------------------------------------------------------
/deobfuscator/assets/test.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/assets/test.csv


--------------------------------------------------------------------------------
/deobfuscator/assets/winlibs.mlwrhash.csv:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/assets/winlibs.mlwrhash.csv


--------------------------------------------------------------------------------
/deobfuscator/commons.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/commons.py


--------------------------------------------------------------------------------
/deobfuscator/libs/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/deobfuscator/libs/sections.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/libs/sections.py


--------------------------------------------------------------------------------
/deobfuscator/nymaim_cli.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/nymaim_cli.py


--------------------------------------------------------------------------------
/deobfuscator/rebuild.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/rebuild.py


--------------------------------------------------------------------------------
/deobfuscator/rules/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/deobfuscator/rules/nymaim.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/rules/nymaim.py


--------------------------------------------------------------------------------
/deobfuscator/rules/nymaim_base.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/deobfuscator/rules/nymaim_base.py


--------------------------------------------------------------------------------
/keys.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/keys.py


--------------------------------------------------------------------------------
/lib/_serpent.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/lib/_serpent.c


--------------------------------------------------------------------------------
/lib/aplib.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/lib/aplib.so


--------------------------------------------------------------------------------
/lib/serpent.so:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/lib/serpent.so


--------------------------------------------------------------------------------
/libs/__init__.py:
--------------------------------------------------------------------------------
1 | 


--------------------------------------------------------------------------------
/libs/misc.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/libs/misc.py


--------------------------------------------------------------------------------
/libs/stream.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/libs/stream.py


--------------------------------------------------------------------------------
/nymaim.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/nymaim.py


--------------------------------------------------------------------------------
/nymaimlib.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/nymaimlib.py


--------------------------------------------------------------------------------
/nymcfglib.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/nymcfglib.py


--------------------------------------------------------------------------------
/nymcnclib.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/nymcnclib.py


--------------------------------------------------------------------------------
/pcapextract.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/pcapextract.py


--------------------------------------------------------------------------------
/printer.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CERT-Polska/nymaim-tools/HEAD/printer.py


--------------------------------------------------------------------------------