Jump to content
Tuts 4 You

[UnPackMe]Unpacking VMProtected Driver

Guest unpackfan

Recommended Posts

Guest unpackfan

Hi guys,

This is a device driver compiled for 32 bit systems and incorporates virtualized instructions, encrypted strings, and every other common protection routine provided by VMProtect 2.

The unpacked driver must be fully loadable and viewable with tools such as IDA.

This is not your run of the mill unpack, and if you require more information just post here.

I had to upload to my box.net account, hope this is ok;


Link to comment

Pretty nice. However would it be required to also compile the VM into x86? (Not that many willing to the time on that.. obfu is lame but the translation is tedious)

Ah well I suppose so because proper VM debugging in ring0 is a pain.

Link to comment
Guest unpackfan

Hi, thanks for the reply.

The virtualized code would need to be viewable in assembler with IDA, i am willing to put a price tag on the successful unpack if you can provide Solution / Example / Timeframe / Tools used so that i can analyse the potential flaws prior to release.

Kind regards,

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...