Skip to content
/ Vm2Import Public
forked from nblog/Vm2Import

fix vmprotect import function used unicorn-engine.

0 stars 27 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

LordGarfio/Vm2Import

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
images
images
 
 
release
release
 
 
README.md
README.md
 
 

Repository files navigation

Vm2Import

fix vmprotect import function used unicorn-engine.

it can repair functions such as call [module.function] or jmp [module.function] or reg(mov) [module.function] that are statically imported by the VM.

it is effective in vmp2 and vmp3.

Use

  1. copy to x64dbg
x64dbg\release\x32\plugins\unicorn.dll

x64dbg\release\x32\plugins\Vm2Import.dp32

x64dbg\release\x64\plugins\unicorn.dll

x64dbg\release\x64\plugins\Vm2Import.dp64

  1. select "VM_Start" call vmp0.xxxxxxxx, right click menu "Vm2Import"->"Fix Import Call Address"

repair menu preview

  1. repair.

repair preview

original sample:

original preview

Thanks

About

fix vmprotect import function used unicorn-engine.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C++ 74.3%
  • C 11.9%
  • HTML 7.0%
  • JavaScript 2.4%
  • Python 1.5%
  • Objective-C 1.5%
  • Other 1.4%