Skip to content
Go to file
Cannot retrieve contributors at this time
35 lines (27 sloc) 1.16 KB


Rapid deployment of Windows environment (files, registry keys, mutex etc) to facilitate malware analysis

rapid_env - Created by Adam Kramer [2015]

This program rapidly sets up a malware analysis environment based on configuration file specified by the user. Configuration file can contain the following lines:

To create a file: file:path=content (content is optional)

To create a registry key: registry:key=value|data (value|data is optional)

To launch a process with specific name: process:process name

To create a mutex: mutex:mutex name

Lines beginning with # are ignored as comments

Example config file:

A file, which has content in

file:C:\Users\User\Documents\test.txt=This is the content of the file

A file, with no content


Notice the registry entry needs to start with HKEY_CURRENT_USER, this can be any other hive but full name is required


Example mutex


This won't run Windows calc.exe, but rather a skeleton process with the name requested


You can’t perform that action at this time.