HellSpider Posted April 25, 2017 Share Posted April 25, 2017 (edited) Difficulty : 8 Language : C++ Platform : Windows 32-bit and 64-bit OS Version : All Packer / Protector : VMProtect 3.0.9 Description : The objective is to interpret virtualized functions in the attached binaries. No additional options have been used - no memory protection, no import protection and no compression. The virtualized function(s) will execute when the following key(s) is/are pressed: VMP32 (V1) : P VMP32 (V2) : 1 and 2 VMP64 (V1) : P VMP64 (V2) : 1 and 2 The virtualized functions are not very large. Detailed information of the interpreting procedure/internals or a complete solution paper is preferable. I will post similar challenges for other protectors if someone supplies me with a recent version (CodeVirtualizer, Themida, Enigma ...). Accepted solutions: VMP32 (V1) : @Raham VMP32 (V2) : @Raham VMP64 (V1) : @SmilingWolf @fvrmatteo VMP64 (V2) : @fvrmatteo @SmilingWolf @mrexodia @xSRTsect Files: devirtualizeme32_vmp_3.0.9_v1.rar devirtualizeme32_vmp_3.0.9_v2.rar devirtualizeme64_vmp_3.0.9_v1.rar devirtualizeme64_vmp_3.0.9_v2.rar Screenshot : Edited November 25, 2018 by HellSpider Awards 2 Link to comment Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!Register a new account
Already have an account? Sign in here.Sign In Now