Jump to content
Tuts 4 You
  • 0
mamo434376

KoiVM Modded 2019

Question

mamo434376
Posted (edited)

Language : .NET
Platform : Windows
OS Version : All
Packer / Protector : MM_KoiVM + KoiVM-Virtualization Modded 2019

Description :

Good Luck!
İyi Şanslar!
удачи

Screenshot :

355187206_EkranAlnts.PNG.a179a56cff8cb3adebb756d0c38a77a1.PNG

UnPackME.exe

Edited by mamo434376 (see edit history)

Share this post


Link to post

6 answers to this question

Recommended Posts

  • 1
ewwink
3 hours ago, mamo434376 said:

nobody could open xd

If you search this forum there are no people that succeed devirutalize koivm, there are two reasons:

first, koivm seem to be avoided  because the creator of koivm are respected by senior .net reverser here.

second, devirtualization is hard and take a lot time.

Share this post


Link to post
  • 0
mamo434376

nobody could open xd

Share this post


Link to post
  • 0
XenocodeRCE

hello (not unpacked, but key found)

 

password is


 

Spoiler

 

MM-KoiVM-a5sdas546fa65sf79aw8e7asd32a21ds


 

VM-ed data is not memory safe, dump memory string with process hacker 2

 

 

Share this post


Link to post
  • 0
mamo434376
6 hours ago, XenocodeRCE said:

hello (not unpacked, but key found)

 

password is


 

  Hide contents

 

MM-KoiVM-a5sdas546fa65sf79aw8e7asd32a21ds

 

 

 

 

VM-ed data is not memory safe, dump memory string with process hacker 2

 

 

:)

I don't care about the password. Security of important codes

Share this post


Link to post
  • 0
Washi

I am mostly wondering why an unpackme needs an anti VM mechanism in place.

I am not running any foreign binaries on my host machine. Yes I can patch it myself, but what is the point? Given the fact that it also takes a huge amount of time to even start up, I find it a little unsettling if I have to be honest.

Edited by Washi
Clarification (see edit history)
  • Like 1

Share this post


Link to post
  • 0
DefCon42
4 hours ago, Washi said:

I am mostly wondering why an unpackme needs an anti VM mechanism in place.

I am not running any foreign binaries on my host machine. Yes I can patch it myself, but what is the point? Given the fact that it also takes a huge amount of time to even start up, I find it a little unsettling if I have to be honest.

That's an interesting point. What *is* the point in that?

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...