[unpackme] VMProtect Ultimate v3.0.1.465 Unpack me.

[Sound]

Unpackme : VMProtect Ultimate v3.0.1.465

Protection option .: Complete Protection

Linker : Delphi 

Download:  

http://release.crack4r.cc/Exercise/VMProtect_Ultimate_v3.0.1.465.UnpackMe.7z

have fun,

 

Best regards,

Sound

 

Edited January 5, 2016 by Sound

[Xjun]

这貌似不是八哥那个呀

[Teddy Rogers]

The [unpackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

[av999]

what does it mean - " Complete Protection "?

import isn't protected

[Sound]

8 hours ago, av999 said:

what does it mean - " Complete Protection "?

import isn't protected

It's  the greatest protection

import  protected,

 

Best regards,

Sound

 

[SHADOW_UA]

Unpacked

Unpacked.rar

[Sound]

1 hour ago, SHADOW_UA said:

Unpacked

Unpacked.rar

Nice.SHADIW_UA, Very good job.!

What do you think of the new version of that?

Before I had a complete analysis of the whole protection program.  It with the old version, and there is not much difference, Including virtual machines.

 

Best regards,

Sound

[SHADOW_UA]

6 minutes ago, Sound said:

Nice.SHADIW_UA, Very good job.!

What do you think of the new version of that?

Before I had a complete analysis of the whole protection program.  It with the old version, and there is not much difference, Including virtual machines.

 

Best regards,

Sound

There's a new VM architecture in 3.x. Also It now detects virtual machine (vmware) in some new way. Because old tricks with hiding it aren't working anymore.

[Sound]

21 hours ago, SHADOW_UA said:

There's a new VM architecture in 3.x. Also It now detects virtual machine (vmware) in some new way. Because old tricks with hiding it aren't working anymore.

Yes, but the change is not great. In this regard Unpacking,  I cracked the main program including when Patch CRC. This is true..

Thank you for your answer.,

Best regards,

Sound

Edited January 4, 2016 by Sound

[Sound]

13 minutes ago, SHADOW_UA said:

There's a new VM architecture in 3.x. Also It now detects virtual machine (vmware) in some new way. Because old tricks with hiding it aren't working anymore.

I'm going to rest. so late, tomorrow , i when released a protection  for everyone to play with a game...

Best regards,

Sound

[Pancake]

The imports arent protected. I see that the obfuscation of the virtual machine changed totally But the whole logic inside is completly the same

Sound, how did you reconstruct OEP?

Edited January 3, 2016 by Pancake

[Sound]

16 hours ago, Pancake said:

The imports arent protected. I see that the obfuscation of the virtual machine changed totally But the whole logic inside is completly the same

Sound, how did you reconstruct OEP?

imports arent protected.? Should not be, I chose all of the protection. include imports .

yes. the whole logic inside is completly the same. 

For skilled language entry point, this is not a difficult thing.

Best regards,

Sound

 

[DJ_DOGGY]

Hello Shadow_UA,

I saw your interest to unpacking VM protect .

Can you help on one app that does packed with Themida/VMprotect and have some virtualization in it .

It accepts the LCF-AT script for unpacking Themida , but there is still a VMed section in code that needs to be devirtualized (may be).

Thank you.

[converse]

del

Edited July 11, 2016 by converse

[ayman]

hi all

can any body unpack vmprotect ver. 3.x for money plz and build keygen for me

[Dragon Palace]

On Sunday, January 03, 2016 at 0:30 AM, Xjun said:

这貌似不是八哥那个呀

你真搞笑，还貌似？专家已经肯定地鉴定出来，人家明明就是大名鼎鼎的八爷，你不知道吗？

Edited October 6, 2016 by Dragon Palace

[htfxxx]

 

familiar names

[CRoot]

But how to unpack it ?

[AhrimanSefid]

hi me too.

need this.

[abbas]

On 1/3/2016 at 9:25 PM, SHADOW_UA said:

There's a new VM architecture in 3.x. Also It now detects virtual machine (vmware) in some new way. Because old tricks with hiding it aren't working anymore.

hi

you spent your time unpacking it will spend a little more to create a vid tut ?

i hope lct-at returns to unpacking again along with 64 targets.i miss her cool tuts

[Cupcake1337]

Yea me 2, need more help with vmprotect v3.

[GordonRamsay]

still needing help with this i've been trying but seems impossible

[thisistest]

test, Video encryption  

https://pan.baidu.com/s/1uuuWpiquOae6rZt87ILf1w     密码：jtxe

http://www.codelive.cn/index.php/archives/5/

 

[thisistest]

test, Video encryption  

https://pan.baidu.com/s/1uuuWpiquOae6rZt87ILf1w     密码：jtxe

http://www.codelive.cn/index.php/archives/5/

 

test2,Video encryption  

https://pan.baidu.com/s/1nshmQ0IHc8GfKj_3VfQ4fQ

[thisistest]

test2

00206911     00 00 73 75 6E 66 6C 6F 76 65 72 2E 64 6C 6C      ..sunflover.dll
00206921  00 00 00 70 61 74 63 68 00 00 00 31 31 31 31 2D     ...patch...1111-
00206931  32 32 32 32 2D 33 33 33 33 00 00 B2 B9 B6 A1 CD     2222-3333..补丁?
00206941  EA B3 C9 21 0D 0A 00 D5 FD D5 FD B2 B9 B6 A1 21     瓿?...正正补丁!
00206951  0D 0A 00 55 6E 68 6F 6F 6B 20 43 72 65 61 74 65     ...Unhook Create
00206961  57 69 6E 64 6F 77 45 78 41 21 0D 0A 00 00 00 48     WindowExA!.....H
00206971  6F 6F 6B 43 72 65 61 74 65 57 69 6E 64 6F 77 45     ookCreateWindowE
00206981  78 41 0D 0A 00 00 00 73 75 6E 66 6C 6F 76 65 72     xA.....sunflover
00206991  2E 64 6C 6C 20 D4 D8 C8 EB 21 0D                    .dll 载入!...

032ED311  0A 00 00 73 75 6E 66 6C 6F 76 65 72 2E 64 6C 6C  ...sunflover.dll
032ED321  00 00 00 70 61 74 63 68 00 00 00 31 31 31 31 2D  ...patch...1111-
032ED331  32 32 32 32 2D 33 33 33 33 00 00 B2 B9 B6 A1 CD  2222-3333..补丁?
032ED341  EA B3 C9 21 0D 0A 00 D5 FD D5 FD B2 B9 B6 A1 21  瓿?...正正补丁!
032ED351  0D 0A 00 55 6E 68 6F 6F 6B 20 43 72 65 61 74 65  ...Unhook Create
032ED361  57 69 6E 64 6F 77 45 78 41 21 0D 0A 00 00 00 48  WindowExA!.....H
032ED371  6F 6F 6B 43 72 65 61 74 65 57 69 6E 64 6F 77 45  ookCreateWindowE
032ED381  78 41 0D 0A 00 00 00 73 75 6E 66 6C 6F 76 65 72  xA.....sunflover
032ED391  2E 64 6C 6C 20 D4 D8 C8 EB 21 0D                 .dll 载入!...

00206928    68 00000031     push 0x31000000
0020692D    3131            xor dword ptr ds:[ecx],esi               ; ntdll_1.77BB2100
0020692F    312D 32323232   xor dword ptr ds:[0x32323232],ebp
00206935    2D 33333333     sub eax,0x33333333
0020693A    0000            add byte ptr ds:[eax],al
0020693C    B2 B9           mov dl,0xB9
0020693E    B6 A1           mov dh,0xA1
00206940    CD EA           int 0xEA
00206942    B3 C9           mov bl,0xC9
00206944    210D 0A00D5FD   and dword ptr ds:[0xFDD5000A],ecx
0020694A    D5 FD           aad 0xFD
0020694C    B2 B9           mov dl,0xB9
0020694E    B6 A1           mov dh,0xA1
00206950    210D 0A00556E   and dword ptr ds:[0x6E55000A],ecx
00206956    68 6F6F6B20     push 0x206B6F6F
0020695B    43              inc ebx

0020692F    312D 32323232   xor dword ptr ds:[0x32323232],ebp
00206935    2D 33333333     sub eax,0x33333333
0020693A    0000            add byte ptr ds:[eax],al
0020693C    B2 B9           mov dl,0xB9
0020693E    B6 A1           mov dh,0xA1
00206940    CD EA           int 0xEA
00206942    B3 C9           mov bl,0xC9
00206944    210D 0A00D5FD   and dword ptr ds:[0xFDD5000A],ecx
0020694A    D5 FD           aad 0xFD
0020694C    B2 B9           mov dl,0xB9
0020694E    B6 A1           mov dh,0xA1
00206950    210D 0A00556E   and dword ptr ds:[0x6E55000A],ecx
00206956    68 6F6F6B20     push 0x206B6F6F
0020695B    43              inc ebx

032ED32F    312D 32323232   xor dword ptr ds:[0x32323232],ebp
032ED335    2D 33333333     sub eax,0x33333333
032ED33A    0000            add byte ptr ds:[eax],al
032ED33C    B2 B9           mov dl,0xB9
032ED33E    B6 A1           mov dh,0xA1
032ED340    CD EA           int 0xEA
032ED342    B3 C9           mov bl,0xC9
032ED344    210D 0A00D5FD   and dword ptr ds:[0xFDD5000A],ecx
032ED34A    D5 FD           aad 0xFD
032ED34C    B2 B9           mov dl,0xB9
032ED34E    B6 A1           mov dh,0xA1
032ED350    210D 0A00556E   and dword ptr ds:[0x6E55000A],ecx
032ED356    68 6F6F6B20     push 0x206B6F6F

31 31 31 31 2D 32 32 32 32 2D 33 33 33 33