Thread: XVolkolak
View Single Post
  #1  
Old 04-01-2018, 00:12
hors's Avatar
hors hors is offline
Developer
 
Join Date: Aug 2014
Posts: 71
Rept. Given: 16
Rept. Rcvd 111 Times in 52 Posts
Thanks Given: 27
Thanks Rcvd at 652 Times in 64 Posts
hors Reputation: 100-199 hors Reputation: 100-199
XVolkolak

Xvolkolak is an unpacker emulator.
Unlike programs of this type, it does not use DebugAPI and other features of the operating system. Everything is emulated. You can safely unpack malware for further investigation without the risk of damaging the system.
All machine instructions are not executed on a real processor, so unpacking occurs regardless of the processor type and the operating system.
It is possible to unpack 64 bit files on 32 operating systems.
This build emulates the processors intel x86 and AMD64.
It supports unpacking 32 and 64 bit Windows executable files. If there is community interest, it will be possible to unpack other executable files (ELF, MSDOS, Mach-O) and other processors.

Due to its capabilities, with the correct manual setting, the program engine can be used to unpack almost any packer / tread.
However, this version of the program works in a fully automatic mode and can only unpack simple non-commercial unpackers such as:

UPX
ASPack
NsPack
Mpress
MEW
(Win) Upack
FSG
and some others.

The version of the program with the possibility of unpacking commercial protectors (such as VMProtect, ASProtect and others) will not appear in the public domain for obvious reasons.

The program is absolutely free for non-commercial and commercial use.

This version is for Windows. If you need a build for Linux, please let me know with the exact name of the operating system (for example Ubuntu 17.10 64 bit). The version for Linux is completely identical to the version of Windows.

The program is still in alpha status, so I would be grateful for all the comments on the program, as well as for links to files with simple packers. First of all, packed samples of malicious programs are of interest. Address for communication horsicq [at] gmail.com.

Download
More info

Last edited by hors; 07-12-2018 at 16:52. Reason: New version
Reply With Quote
The Following 23 Users Say Thank You to hors For This Useful Post:
an0rma1 (05-31-2018), bolo2002 (04-02-2018), Corsten (05-15-2018), foosaa (07-09-2018), h4sh3m (04-03-2018), Insid3Code (04-10-2018), kienmanowar (04-01-2018), Levis (06-02-2018), LordGarfio (04-08-2020), MarcElBichon (04-01-2018), Nacho_dj (05-30-2018), niculaita (04-01-2018), nimaarek (10-24-2018), NoneForce (05-30-2018), nulli (04-03-2018), ontryit (06-01-2018), sh3dow (04-17-2018), Stingered (04-01-2018), taos (04-05-2018), tonyweb (04-01-2018), uranus64 (04-03-2018), virus (04-03-2018), wilson bibe (04-01-2018)