#1
|
||||
|
||||
XVolkolak
Xvolkolak is an unpacker emulator.
Unlike programs of this type, it does not use DebugAPI and other features of the operating system. Everything is emulated. You can safely unpack malware for further investigation without the risk of damaging the system. All machine instructions are not executed on a real processor, so unpacking occurs regardless of the processor type and the operating system. It is possible to unpack 64 bit files on 32 operating systems. This build emulates the processors intel x86 and AMD64. It supports unpacking 32 and 64 bit Windows executable files. If there is community interest, it will be possible to unpack other executable files (ELF, MSDOS, Mach-O) and other processors. Due to its capabilities, with the correct manual setting, the program engine can be used to unpack almost any packer / tread. However, this version of the program works in a fully automatic mode and can only unpack simple non-commercial unpackers such as: UPX ASPack NsPack Mpress MEW (Win) Upack FSG and some others. The version of the program with the possibility of unpacking commercial protectors (such as VMProtect, ASProtect and others) will not appear in the public domain for obvious reasons. The program is absolutely free for non-commercial and commercial use. This version is for Windows. If you need a build for Linux, please let me know with the exact name of the operating system (for example Ubuntu 17.10 64 bit). The version for Linux is completely identical to the version of Windows. The program is still in alpha status, so I would be grateful for all the comments on the program, as well as for links to files with simple packers. First of all, packed samples of malicious programs are of interest. Address for communication horsicq [at] gmail.com. Download More info Last edited by hors; 07-12-2018 at 16:52. Reason: New version |
The Following 23 Users Say Thank You to hors For This Useful Post: | ||
an0rma1 (05-31-2018), bolo2002 (04-02-2018), Corsten (05-15-2018), foosaa (07-09-2018), h4sh3m (04-03-2018), Insid3Code (04-10-2018), kienmanowar (04-01-2018), Levis (06-02-2018), LordGarfio (04-08-2020), MarcElBichon (04-01-2018), Nacho_dj (05-30-2018), niculaita (04-01-2018), nimaarek (10-24-2018), NoneForce (05-30-2018), nulli (04-03-2018), ontryit (06-01-2018), sh3dow (04-17-2018), Stingered (04-01-2018), taos (04-05-2018), tonyweb (04-01-2018), uranus64 (04-03-2018), virus (04-03-2018), wilson bibe (04-01-2018) |
#2
|
|||
|
|||
"The version of the program with the possibility of unpacking commercial protectors (such as VMProtect, ASProtect and others) will not appear in the public domain for obvious reasons."
i'm living for obvious reasons,if you have a version or know where to get it,let me know in private.
__________________
I like this forum! |
#3
|
||||
|
||||
Agree to bolo2002
I'm also interested in the non public version You also can give me a point in PM
__________________
The three worst enemies of the reversers: sun , fresh air and especially this unbearable roar of birds ... |
#4
|
|||
|
|||
wow, ignorance is bliss eh ?
are you aware that hors is the actual author ? its stuff like this that really demotivates authors and destroys projects |
The Following 3 Users Say Thank You to evlncrn8 For This Useful Post: | ||
#5
|
|||
|
|||
Quote:
did i say something against him?No. did i share something exetools only outside?Never. i just asked him if it want to share it in private that's all. both posts reflect more than good knowledges in RE! i don't know what's wrong in my reply. he's the author,free to him to do what he want from that and i doubt it's something that demotivates author and destroys projects.
__________________
I like this forum! |
#6
|
||||
|
||||
The Following 5 Users Gave Reputation+1 to hors For This Useful Post: | ||
deepzero (05-31-2018), Insid3Code (06-01-2018), Levis (06-02-2018), MarcElBichon (05-30-2018), uranus64 (05-31-2018) |
The Following 12 Users Say Thank You to hors For This Useful Post: | ||
Abaddon (06-01-2018), an0rma1 (05-31-2018), copyleft (06-01-2018), Loki (06-01-2018), Nacho_dj (05-30-2018), p4r4d0x (09-07-2018), T-rad (09-07-2018), tonyweb (06-01-2018), uranus64 (05-31-2018), user_hidden (06-01-2018), zeffy (06-02-2018), Zeokat (06-02-2018) |
#7
|
|||
|
|||
@hors
does it support previous Ubuntu LTS ed? eg 14 or 16 |
#9
|
||||
|
||||
The Following 2 Users Gave Reputation+1 to hors For This Useful Post: | ||
MarcElBichon (07-12-2018), taos (07-12-2018) |
The Following 9 Users Say Thank You to hors For This Useful Post: | ||
bolo2002 (07-13-2018), Coldzer0 (07-13-2018), dj-siba (07-12-2018), espkk (07-16-2018), niculaita (07-12-2018), trickyboy (09-06-2018), user_hidden (07-12-2018), wilson bibe (07-12-2018), zeffy (07-13-2018) |
#10
|
|||
|
|||
Was there any body that got a private version? Please pm me, thank you.
|
#11
|
|||
|
|||
Quote:
you didn't seen my post above,it's bad to ask for it.
__________________
I like this forum! |
#12
|
|||
|
|||
The Following User Says Thank You to chants For This Useful Post: | ||
Stingered (01-02-2019) |
#13
|
|||
|
|||
"The version of the program with the possibility of unpacking commercial protectors (such as VMProtect, ASProtect and others) will not appear in the public domain for obvious reasons."
Does such a version actually exist in the first place? Given the fact that VMProtect and other complex protectors have so many options available in their protectors, I seriously doubt whether any single tool by itself can unpack it completely. Want to further confirm that you are not putting up the private version for sale, even to private researchers? I ask since sometimes research tools like these are made available to institutions and researchers, even if not released into the public domain. |
The Following User Says Thank You to Megin For This Useful Post: | ||
sh3dow (06-06-2021) |
#14
|
|||
|
|||
The author has never explicitly said that his Unpaker is capable of unpacking VMprotect.
(Is probably more wishful thinking) |
|
|