For coursework, I have to analyse a piece of malware.
It is a .EXE Win32 Cabinet Self-extractor file (that's how Windows sees it; it actually starts with the hex bytes 4D 5A 00 03). When run, it extracts all the files into a newly created folder and runs the malware (batch/VBS files), which at the end deletes the folder with the malware files.
I was wondering how it is possible to extract them without executing the malware. I used ProcDump32 but it gives me: "Process is not 32bits or can't be loaded or is already finished !".
Somehow I succeeded in getting ProcDump32 stuck and had the folder for a few seconds, so I copied it before it "disappeared" and got the files, but I'm not sure I gathered all of them and I would like to do it in a proper way.
So I'm looking for an application which can extract the content of a Win32 Cab Self-Extractor file without executing the output files and, if possible, giving the list of extracted files.
You can also run the self-extractor file with /? ; it should show /X:path or /T:path /C as the switches to extract the content (according to Microsoft KB 262841 and 197147).
Use /T:full path of folder /C. Without /C the .exe file will be executed.
MySelfExtractingFile.exe /T:C:\MySelfExtractingFile /C
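The /T:path /C switches still run the self-extractor stub, only suppressing the post-extraction command. An alternative that never executes the sample at all is to carve the embedded cabinet out of the .exe and read its file table yourself. The script below is an added example, not code from the original post or from Microsoft's tools; it assumes the self-extractor stores its cabinet as one contiguous MSCF blob (as IExpress/wextract packages do), and the sample payload it builds is constructed for illustration, not real malware.

```python
"""
Added example (not from the original post): carve embedded Microsoft Cabinet
(MSCF) archives out of a self-extracting .exe and list the files they hold
without executing the stub.  Assumes the cabinet is stored as one contiguous
MSCF blob inside the host file; SAMPLE_FILES below is constructed test data.
"""
import struct
import sys
from dataclasses import dataclass, field
from typing import List

CAB_SIGNATURE = b"MSCF"
CFHEADER_SIZE = 36          # fixed part of CFHEADER, signature included
CFFILE_FIXED_SIZE = 16      # CFFILE fields before the NUL-terminated name
ATTRIB_NAME_IS_UTF = 0x80   # szName is UTF-8 rather than OEM/ANSI


@dataclass
class CabEntry:
    name: str
    size: int
    folder: int
    attribs: int


@dataclass
class EmbeddedCab:
    offset: int             # position of "MSCF" inside the host .exe
    size: int               # cbCabinet from the header
    entries: List[CabEntry] = field(default_factory=list)


def is_unsafe_name(name: str) -> bool:
    """Flag names an extractor must not trust: traversal, absolute or drive-letter paths."""
    parts = name.replace("\\", "/").split("/")
    return ".." in parts or name.startswith(("/", "\\")) or (len(name) > 1 and name[1] == ":")


def parse_cab(cab: bytes) -> EmbeddedCab:
    """Parse CFHEADER and CFFILE records of a cabinet starting at cab[0]; raise ValueError if malformed."""
    if len(cab) < CFHEADER_SIZE or cab[:4] != CAB_SIGNATURE:
        raise ValueError("no MSCF signature")
    (_res1, cb_cabinet, _res2, coff_files, _res3, _ver_minor, ver_major,
     _c_folders, c_files, _flags, _set_id, _i_cabinet) = struct.unpack_from("<IIIIIBBHHHHH", cab, 4)
    # Reject false positives: a stray "MSCF" in code will not describe a cabinet that fits the data.
    if ver_major != 1 or c_files == 0 or not (CFHEADER_SIZE <= cb_cabinet <= len(cab)):
        raise ValueError("implausible CFHEADER")
    result = EmbeddedCab(offset=0, size=cb_cabinet)
    off = coff_files
    for _ in range(c_files):
        if off + CFFILE_FIXED_SIZE > cb_cabinet:
            raise ValueError("CFFILE record runs past end of cabinet")
        cb_file, _uoff, i_folder, _date, _time, attribs = struct.unpack_from("<IIHHHH", cab, off)
        off += CFFILE_FIXED_SIZE
        end = cab.find(b"\x00", off, cb_cabinet)
        if end < 0:
            raise ValueError("unterminated CFFILE name")
        encoding = "utf-8" if attribs & ATTRIB_NAME_IS_UTF else "cp1252"
        result.entries.append(CabEntry(cab[off:end].decode(encoding, "replace"), cb_file, i_folder, attribs))
        off = end + 1
    return result


def find_embedded_cabs(blob: bytes) -> List[EmbeddedCab]:
    """Scan a host file for every plausible cabinet and return them with their file lists."""
    found, pos = [], 0
    while (pos := blob.find(CAB_SIGNATURE, pos)) != -1:
        try:
            cab = parse_cab(blob[pos:])
        except ValueError:
            pos += 1                    # decoy signature, keep scanning
            continue
        cab.offset = pos
        found.append(cab)
        pos += cab.size                 # skip this cabinet's body
    return found


def carve(blob: bytes, cab: EmbeddedCab, out_path: str) -> int:
    """Write the cabinet bytes to out_path so 7-Zip or cabextract can unpack it; return bytes written."""
    data = blob[cab.offset:cab.offset + cab.size]
    with open(out_path, "wb") as fh:
        fh.write(data)
    return len(data)


# Constructed input resembling a self-extractor payload (not real malware).
SAMPLE_FILES = [
    ("run.bat", b"@echo off\r\ncscript payload.vbs\r\n"),
    ("payload.vbs", b'WScript.Echo "hello"\r\n'),
]


def build_sample_sfx() -> bytes:
    """A fake 64-byte MZ stub (containing a decoy 'MSCF') followed by a minimal valid cabinet."""
    cffiles, uoff = b"", 0
    for name, content in SAMPLE_FILES:
        cffiles += struct.pack("<IIHHHH", len(content), uoff, 0, 0x5A21, 0x4C20, 0x20) + name.encode() + b"\x00"
        uoff += len(content)
    stored = b"".join(c for _, c in SAMPLE_FILES)
    cfdata = struct.pack("<IHH", 0, len(stored), len(stored)) + stored   # one uncompressed CFDATA block
    coff_files = CFHEADER_SIZE + 8                                       # one 8-byte CFFOLDER
    coff_data = coff_files + len(cffiles)
    cb_cabinet = coff_data + len(cfdata)
    header = CAB_SIGNATURE + struct.pack("<IIIIIBBHHHHH", 0, cb_cabinet, 0, coff_files, 0,
                                         3, 1, 1, len(SAMPLE_FILES), 0, 0x1234, 0)
    folder = struct.pack("<IHH", coff_data, 1, 0)                        # typeCompress 0 = stored
    stub = b"MZ" + b"\x00" * 30 + b"MSCF" + b"\xff" * 28
    return stub + header + folder + cffiles + cfdata


if __name__ == "__main__":
    import os, tempfile
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_sfx()
    if not blob.startswith(b"MZ"):
        print("warning: input does not start with MZ, not a Windows executable")
    for cab in find_embedded_cabs(blob):
        print(f"cabinet at offset {cab.offset:#x}, {cab.size} bytes, {len(cab.entries)} file(s)")
        for e in cab.entries:
            print(f"  {e.size:>8}  folder {e.folder}  {e.name}{'  <-- UNSAFE PATH' if is_unsafe_name(e.name) else ''}")
        out = os.path.join(tempfile.mkdtemp(), f"carved_{cab.offset:#x}.cab")
        print("  carved", carve(blob, cab, out), "bytes to", out)
```

Run it as `python carve_cab.py sample.exe` to get the file list and a carved .cab; with no argument it runs on the constructed sample. Only CFHEADER and CFFILE are parsed, so the listing works whatever compression (MSZIP, LZX) the CFDATA blocks use; the carved cabinet can then be unpacked on an analysis VM with 7-Zip or cabextract. The unsafe-path flag matters because an archive entry named with `..` or a drive letter would drop files outside the extraction folder.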