A simple unpacking tool for the zipExec Crypter by Tylous. Since this Crypter will likely be used for malicious purposes sooner rather than later I chose to write this unpacking script and a matching Yara rule to detect the usage of zipExec. The samples in test-files/ are crypted versions of the Windows Calculator applicationcalc.exe.
go run zipExec_unpack.go path/to/sample.js