Oreans UnVirtualizer ODBG Plug-in (WL/TMD/CV) by Deathway
Oreans Unvirtualizer ODBG Plug-inby Deathway.
- First Public Version
- Fixed Decode GenV1
- Added CALL
- Video logs Added
- Updated OreansJunk.cfg
- Fixed Decode MovV1
- Added REP - REPNE - CMPS - MOVS - LODS - STOS - SCAS Instructions
- Added CISC-2 Micro-opcodes UnVirtualizer
- Fixed Decode MovV2
- OreansJunk.cfg updated
- OreansAssembler.cfg updated
- Added Virtual Opcode Mutation Tech
- Fixed Jcc Jumps leading outside Virtual Machine
- Fixed Crash on reading Register Handlers
- Cisc_Vo_Dump.txt is no longer created
- Fixed Identifying Some handler variants
- Added NEG - NOT - BSWAP instructions
- Updated OreansAssembler
- Added Options Panel
- Added Hotkeys
- Added UnVirtualize With/Without Jumps
- Fixed DeOfuscation GenV4
- Added optimization on reading virtual labels
- Updated references panel
- Fixed Cisc - CALL
- Fixed Cisc - SHL REG32, IMMC
- Fixed an issue with odbg when using context menu
- Added TAB key on windows
- Added autofill on FindReferences window
- Risc-64 machine function :)
- Added OreansAssember_Risc.cfg
- Fixed Unvirtualize with Jump on CISC machines
- Fixed some errors when handling signed constants on RISC
- Fixed an issue when processing MOVS instrution on CISC machine
- Fixed some inversion data when processing COMM, REGX, REGX (like XOR EDI,ESI was decoded as XOR ESI,EDI)
- Fixed a problem when handling AH CH DH BH registers on COMM2 instructions
- Added MOVSX - MOVZX - XCHG - IMUL - MUL - DIV - IDIV - PUSHFD - POPFD instructions on RISC
- Added CALL on Cisc Machine
- Added support of dump files on RISC machines
- OreansAssember_Risc.cfg updated
- DLL Support on CISC and RISC machines
- RISC machine re-designed
- Added RISC V2 machines (new branch tech)
- Added Pushad-popad instructions on risc machines
- Fixed some issues with end jump
- Added new detection for virtual machines
- Added abort button
- FISH machine avaible (WHITE and RED variants)
- Added Vm signatures
- FISH BLACK variant avaible
- Fixed deofuscation order (GenV6)
- New deofucation scheme for FISH machine
- New smart code tracer for FISH machines
- Stack sort for FISH commands
- Improved management of memory (faster deofuscation)
- Added movzx reg32, on CISC machines
- Added a message prompt when the opcode buffer is not enough
- Added LEAVE instruction for FISH machines
- Added support for CALLs to VM section in FISH machines
- CHECK_PROTECTION macro disabled, now it must be restored by hand
- Fixed QWORD incorrect names for some opcodes
- Fixed a problem when deofuscating RISC machines
谁能帮分析下,这个是做什么用的 好像OD插件??? 不知道有木有sample,参数不会填啊。 1.8是最新版么
页:
[1]