Oreans UnVirtualizer ODBG Plug-in (WL/TMD/CV)
Hi AllThis tool will help conversion VirtualOpcodes -> Assembly Instruction
restoring the original code of your virtualized Application, the basic engine
was from CodeUnvirtualizer, my other tool
- Supports WinLicense/Themida/CodeVirtualizer Cisc Machines
- Supports almost all common opcodes
- Supports CHECK_MACRO_PROTECTION
- Supppots MultiBranch Tech
- Right-click on the jump leading to the Virtual Machine Area and press Unvirtualize (If machine isn't found
you have to click again, after checking that the full machine was correctly deofuscated)
- First public Version
- Since is almost impossible to create a full database with every opcode combination
I would appreciate if you got errors by some unknown opcodes, wrong decompiled, etc
a full diagnosis including Cisc_Vo_Dump.txt, Cisc_Vo_Syntax.txt, Cisc_Uv_Dump.txt and
Cisc_Iat_XXXXXX.txt file on your report
http://www.mediafire.com/?nxiwurv6rd7njhj
New Version
- Fixed Decode GenV1
- Added CALL
- Video logs Added
- Updated OreansJunk.cfg
Video Samples
http://www.sendspace.com/file/1lscnw
- Fixed Decode MovV1
- Added REP - REPNE - CMPS - MOVS - LODS - STOS - SCAS Instructions
- Added CISC-2 Micro-opcodes UnVirtualizer
- Fixed Decode MovV2
- OreansJunk.cfg updated
- OreansAssembler.cfg updated
- Added Virtual Opcode Mutation Tech
- Fixed Jcc Jumps leading outside Virtual Machine
- Fixed Crash on reading Register Handlers
- Cisc_Vo_Dump.txt is no longer created
- Fixed Identifying Some handler variants
- Added NEG - NOT - BSWAP instructions
- Updated OreansAssembler
- Added Options Panel
- Added Hotkeys
- Added UnVirtualize With/Without Jumps
- Fixed DeOfuscation GenV4
- Added optimization on reading virtual labels
- Updated references panel
http://www.mediafire.com/?yy0tyhunu7wnbyp
老大,这东西干什么用的呢。 全是英文看不懂。应该是个OD的插件吧, 过 WL/TMD/CV的 OD 插件 好像是OD插件!路过看看 不错,支持楼主的分享 支持下 不错 Oreans UnVirtualizer 1.3更新了.
页:
[1]