Jump to content
Tuts 4 You

About This File

First of all, I need to say sorry. Probably you will see a lot of mistakes because of my english but I hope you will understand me.

This article aim to explain how Code Virtualizer works. During the last month, I spent all my free time analysing the Code Virtualizer Demo 1.0.1.0 unpacked by softworm. Fortunately, I nished my analysis and I can say that this is the best software I have seen before. Not best in the meaning of protection, but in the meaning of organization. This was the most pleasing software I have analysed.

Three important things to notice are that the description and explanation of the code disassembled by OllyDbg is done in the code execution order. Most things that I am going to say are applicable only for the 1.0.1.0 version of Code Virtualizer. For comments on new versions, see "Hopes for the Future and Acknowledgments. And I will not threat the 64-bit case.

This article is divided in three parts. Firstly I am going to talk about how theVirtual Machine is generated and why Oreans[4] says that each Virtual Machine has its own characteristics. Secondly I use the concepts described before to explain how the Virtual Opcodes are generated, how they are executed and why they emulate the original code of an application. The last part is a bonus: you are going to learn how to make an unpacked version of Code Virtualizer full.

Enjoy this article and I hope you learn something reading it.


User Feedback

Recommended Comments

There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...