This tool will help conversion VirtualOpcodes -> Assembly Instruction
restoring the original code of your virtualized Application, the basic engine
was from CodeUnvirtualizer, my other tool
[Features]
- Supports WinLicense/Themida/CodeVirtualizer Cisc Machines
- Supports almost all common opcodes
- Supports CHECK_MACRO_PROTECTION
- Supppots MultiBranch Tech
[Use]
- Right-click on the jump leading to the Virtual Machine Area and press Unvirtualize (If machine isn't found
you have to click again, after checking that the full machine was correctly deofuscated)
[Oreans UnVirtualizer]
[v1.0]
- First public Version
[Request]
- Since is almost impossible to create a full database with every opcode combination
I would appreciate if you got errors by some unknown opcodes, wrong decompiled, etc
a full diagnosis including Cisc_Vo_Dump.txt, Cisc_Vo_Syntax.txt, Cisc_Uv_Dump.txt and
Cisc_Iat_XXXXXX.txt file on your report
Please respect the copyright from the Internet. Пожалуйста, уважайте авторское право в Интернете. 來源于互聯網, 請尊重版權. 所發資源全部來自對互聯網公共資源的收集和整理,僅供學習之用,請于下載后24小時自行刪除! Issued by all the resources of public resources from the Internet to collect and collate, study purposes only, please delete themselves 24 hours after downloading! Выпущено всеми ресурсами государственных ресурсов из Интернет а на сбор и обобщение, изучение целей, пожалуйста, удалите себя 24 часов после скачивания! You can Google.
Программное обеспечение выпуска и Windows Crack Обучение Нам-Dabei Guanyin Бодхисаттва Нам без митабха
[v1.7] - FISH machine avaible (WHITE and RED variants) - Added Vm signatures
Hi all, the new version of this plug-in supports the FISH virtual machine, WHITE and RED variants.
Some words about this machine...
It mixes both CISC and RISC architecture, but the code isn't like template anymore, every virtual machine has a new different number of handlers, and every handler contains a different execution path, a little tricky, but nothing that can't be 'devirtualized' , maybe i'll write a paper about FISH and TIGER machines later.
Some specs that aren't coded yet: - Support for Check macro; - Sort algo is very unstable - This plugin may crash when deofuscating very rare sequences, (most of them are 'expected' specially when crash was due to an ud2 instruction). - Suppor for BLACK variants
... About TIGER, I have no plans for the moment, but it isn't very different from FISH analog. Plug-in was tested with 2.2.6.0 version, other versions may have variants that this plug-in couldn't handle.
[v1.8] - FISH BLACK variant avaible - Fixed deofuscation order (GenV6) - New deofucation scheme for FISH machine - New smart code tracer for FISH machines - Stack sort for FISH commands - Improved management of memory (faster deofuscation) - Added movzx reg32, [esp+eax+memoffset] on CISC machines - Added a message prompt when the opcode buffer is not enough - Added LEAVE instruction for FISH machines - Added support for CALLs to VM section in FISH machines - CHECK_PROTECTION macro disabled, now it must be restored by hand - Fixed QWORD incorrect names for some opcodes - Fixed a problem when deofuscating RISC machines
