XORilla
XORilla is a malware analysis tool that aids in the reverse engineering of Windows executables. Developed by the security research firm Mandiant, XORilla focuses on identifying and decrypting malicious code often obfuscated within legitimate-looking files. Its primary function is to detect and deobfuscate code that uses XOR encryption, a common technique employed by malware authors to hide their payloads.
The tool works by analyzing the target executable and searching for patterns indicative of XOR obfuscation.
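One pattern of this kind is an embedded PE image encoded with a single-byte XOR key. The sketch below is an added example, not XORilla's code and not a description of its internals: it tries each of the 255 non-zero keys, looks for an encoded `MZ` marker, and confirms a hit by decoding the DOS header and checking that it points to a `PE\0\0` signature. The function names, the `e_lfanew` sanity bound and the sample buffer are assumptions constructed for illustration.

```python
import struct

def xor_bytes(buf: bytes, key: int) -> bytes:
    """XOR every byte of buf with a single-byte key."""
    return bytes(b ^ key for b in buf)

def looks_like_pe(data: bytes, off: int, key: int) -> bool:
    """Confirm a candidate: the decoded DOS header must point at 'PE\\0\\0'."""
    hdr = xor_bytes(data[off:off + 0x40], key)
    if len(hdr) < 0x40:
        return False
    e_lfanew = struct.unpack_from("<I", hdr, 0x3C)[0]
    if not 0x40 <= e_lfanew <= 0x1000:  # sanity bound (assumption)
        return False
    sig = data[off + e_lfanew:off + e_lfanew + 4]
    return xor_bytes(sig, key) == b"PE\x00\x00"

def find_xor_pe(data: bytes):
    """Return sorted [(offset, key)] for PE images hidden under a 1-byte XOR key."""
    hits = []
    for key in range(1, 256):  # key 0 would be plaintext, not obfuscation
        needle = xor_bytes(b"MZ", key)
        pos = data.find(needle)
        while pos != -1:
            if looks_like_pe(data, pos, key):
                hits.append((pos, key))
            pos = data.find(needle, pos + 1)
    return sorted(hits)

def build_sample(key: int = 0x5A):
    """Constructed input: a minimal PE-shaped header XORed into filler bytes."""
    pe = bytearray(0x100)
    pe[0:2] = b"MZ"
    struct.pack_into("<I", pe, 0x3C, 0x80)  # e_lfanew -> offset 0x80
    stub = b"This program cannot be run in DOS mode"
    pe[0x4E:0x4E + len(stub)] = stub
    pe[0x80:0x84] = b"PE\x00\x00"
    carrier = b"constructed carrier bytes " * 4
    return carrier + xor_bytes(bytes(pe), key) + b"trailer", len(carrier)

if __name__ == "__main__":
    blob, _ = build_sample()
    for off, key in find_xor_pe(blob):
        head = xor_bytes(blob[off:off + 2], key)
        print(f"offset={off:#x} key={key:#04x} decoded_head={head!r}")
```

Checking the header structure rather than the two-byte marker alone keeps false positives low, since any two bytes match an encoded `MZ` under some key. Multi-byte or rolling keys need a different search and are outside what this sketch covers.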