Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 02-28-2020, 19:59
sajan_saragam sajan_saragam is offline
Friend
 
Join Date: Feb 2020
Location: Asia
Posts: 2
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 2
Thanks Rcvd at 0 Times in 0 Posts
sajan_saragam Reputation: 0
Hey @CodeCracker, @congviet. Can you upload
"SMD_ForAgile_AnyCPU" on any file hosting site? Please..
Reply With Quote
  #17  
Old 03-02-2020, 17:34
CodeCracker CodeCracker is offline
Family
 
Join Date: Jun 2011
Posts: 348
Rept. Given: 19
Rept. Rcvd 285 Times in 90 Posts
Thanks Given: 13
Thanks Rcvd at 1,256 Times in 264 Posts
CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299
Quote:
Originally Posted by sajan_saragam View Post
Hey @CodeCracker, @congviet. Can you upload
"SMD_ForAgile_AnyCPU" on any file hosting site? Please..

https://forum.exetools.com/showpost.php?p=117258&postcount=14


https://www76.zippyshare.com/v/3HxU5ELW/file.html
Reply With Quote
  #18  
Old 05-02-2020, 14:48
CodeCracker CodeCracker is offline
Family
 
Join Date: Jun 2011
Posts: 348
Rept. Given: 19
Rept. Rcvd 285 Times in 90 Posts
Thanks Given: 13
Thanks Rcvd at 1,256 Times in 264 Posts
CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299 CodeCracker Reputation: 200-299
More note on how you deal with Agile:

https://lifeinhex.com/string-decryption-with-de4dot/

For decrypting strings:
de4dot hello-3.exe --strtyp delegate --strtok 0x060004EC

0x060004EC is the string decryption method - you will have to find manually browsing in Reflector/dnspy.

Force to packer unknown on first deobfuscation:
-p un

I don't know why you have to clean that many times until it got it right (1+2):
.... _msil-cleaned-cleaned-cleaned.exe

SimpleMSILDecryptorForAgile will only decryt methods and is not an unvirtualizer.

Still don't understand why SMD For Agile isn't working for some user not even with NetBox 4. For me all worked fine even on different machines.
Reply With Quote
The Following User Says Thank You to CodeCracker For This Useful Post:
  #19  
Old 05-02-2020, 22:41
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 868
Rept. Given: 325
Rept. Rcvd 217 Times in 111 Posts
Thanks Given: 170
Thanks Rcvd at 377 Times in 212 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by CodeCracker View Post
More note on how you deal with Agile:



Still don't understand why SMD For Agile isn't working for some user not even with NetBox 4. For me all worked fine even on different machines.
maybe save video how you use it
Reply With Quote
  #20  
Old 01-10-2022, 08:29
halplis halplis is offline
Friend
 
Join Date: Sep 2021
Posts: 1
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 1
Thanks Rcvd at 0 Times in 0 Posts
halplis Reputation: 0
The dll

Hello folks. where I can get SJITHook.dll?

For some reason I cannot download files from the forum so I only could download from one of the external links.
Reply With Quote
  #21  
Old 01-10-2022, 22:46
congviet congviet is offline
Family
 
Join Date: Jun 2010
Location: Vi
Posts: 148
Rept. Given: 30
Rept. Rcvd 76 Times in 42 Posts
Thanks Given: 49
Thanks Rcvd at 51 Times in 29 Posts
congviet Reputation: 76
Quote:
Originally Posted by halplis View Post
Hello folks. where I can get SJITHook.dll?

For some reason I cannot download files from the forum so I only could download from one of the external links.
Check attach file
Attached Files
File Type: zip SMD_Agile.zip (185.3 KB, 8 views)
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unpack Agile.NET Mendax47 General Discussion 2 06-28-2021 21:38
Agile.Net 6.4 Unpack Hexcode General Discussion 7 11-30-2020 17:59


All times are GMT +8. The time now is 01:57.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2022 )