Thread: SMD For Agile
View Single Post
  #18  
Old 05-02-2020, 14:48
CodeCracker CodeCracker is offline
Family
 
Join Date: Jun 2011
Posts: 346
Rept. Given: 19
Rept. Rcvd 284 Times in 89 Posts
Thanks Given: 13
Thanks Rcvd at 1,252 Times in 262 Posts
CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299
More note on how you deal with Agile:

https://lifeinhex.com/string-decryption-with-de4dot/

For decrypting strings:
de4dot hello-3.exe --strtyp delegate --strtok 0x060004EC

0x060004EC is the string decryption method - you will have to find manually browsing in Reflector/dnspy.

Force to packer unknown on first deobfuscation:
-p un

I don't know why you have to clean that many times until it got it right (1+2):
.... _msil-cleaned-cleaned-cleaned.exe

SimpleMSILDecryptorForAgile will only decryt methods and is not an unvirtualizer.

Still don't understand why SMD For Agile isn't working for some user not even with NetBox 4. For me all worked fine even on different machines.
Reply With Quote
The Following User Says Thank You to CodeCracker For This Useful Post: