Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-25-2023, 20:40
dnvthv dnvthv is offline
Family
 
Join Date: Nov 2010
Posts: 90
Rept. Given: 121
Rept. Rcvd 35 Times in 19 Posts
Thanks Given: 88
Thanks Rcvd at 47 Times in 13 Posts
dnvthv Reputation: 35
Magicmida - Themida unpacker

Magicmida is a Themida auto-unpacker that works on some 32-bit applications. It works on all versions of Windows (XP and later).

Functions:

Unpack: Unpacks the binary you select. The unpacked binary will be saved with an U suffix.
MakeDataSects: Restores .rdata/.data sections. Only works on very specific targets.
Dump process: Allows you to enter the PID of a running process whose .text section will be dumped (overwritten) into an already unpacked file. This is useful after using Oreans Unvirtualizer in OllyDbg. Only works properly if MakeDataSects was done before.
Shrink: Deletes all sections that are no longer needed (if you unvirtualized or if your binary does not use virtualization). Warning: This will break your binary for non-MSVC compilers.

Note: The tool focuses on cleanness of the resulting binaries. Things such as VM anti-dump are explicitly not fixed. If your target has a virtualized entrypoint, the resulting dump will be broken and won't run (except for MSVC6, which has special fixup code to restore the OEP).

Important: Never activate any compatibility mode options for Magicmida or for the target you're unpacking. It would very likely screw up the unpacking process due to shimming.
Anti-anti-debugging

Newer versions of Themida detect hardware breakpoints. In order to deal with this, injecting ScyllaHide is supported. A suitable profile is shipped with Magicmida. You just need to download SycllaHide and put HookLibraryx86.dll and InjectorCLIx86.exe next to Magicmida.exe. Do not overwrite scylla_hide.ini unless you know what you're doing.
Code:
https://github.com/Hendi48/Magicmida
I found from google.
Reply With Quote
The Following 8 Users Say Thank You to dnvthv For This Useful Post:
blue_devil (03-04-2023), CrackDJ (07-31-2023), darkBLACK (03-16-2023), Doit (08-25-2023), Mendax47 (02-26-2023), pnta (08-09-2023), wilson bibe (02-26-2023), yoza (04-24-2023)
  #2  
Old 04-24-2023, 19:12
CZC CZC is offline
Friend
 
Join Date: Jul 2018
Posts: 33
Rept. Given: 0
Rept. Rcvd 30 Times in 4 Posts
Thanks Given: 5
Thanks Rcvd at 140 Times in 19 Posts
CZC Reputation: 30
Does anyone have a compiled "Magicmida.exe" ? I have failed to cross-compile it with lazarus on my linux machine.
Reply With Quote
  #3  
Old 04-24-2023, 19:28
yoza's Avatar
yoza yoza is offline
Moderator
 
Join Date: Aug 2015
Location: Himalaya
Posts: 255
Rept. Given: 97
Rept. Rcvd 255 Times in 90 Posts
Thanks Given: 373
Thanks Rcvd at 1,623 Times in 218 Posts
yoza Reputation: 200-299 yoza Reputation: 200-299 yoza Reputation: 200-299
Quote:
Originally Posted by CZC View Post
Does anyone have a compiled "Magicmida.exe" ? I have failed to cross-compile it with lazarus on my linux machine.
The link above at github (Top page) contents the release : Compiled and sources code.
Please check it up.
Reply With Quote
The Following 2 Users Say Thank You to yoza For This Useful Post:
niculaita (04-25-2023), pnta (11-03-2023)
  #4  
Old 04-25-2023, 17:35
CZC CZC is offline
Friend
 
Join Date: Jul 2018
Posts: 33
Rept. Given: 0
Rept. Rcvd 30 Times in 4 Posts
Thanks Given: 5
Thanks Rcvd at 140 Times in 19 Posts
CZC Reputation: 30
Quote:
Originally Posted by yoza View Post
The link above at github (Top page) contents the release : Compiled and sources code.
I've looked there before but for some reason I couldn't see the binary
Thanks.
Reply With Quote
  #5  
Old 04-25-2023, 20:34
yoza's Avatar
yoza yoza is offline
Moderator
 
Join Date: Aug 2015
Location: Himalaya
Posts: 255
Rept. Given: 97
Rept. Rcvd 255 Times in 90 Posts
Thanks Given: 373
Thanks Rcvd at 1,623 Times in 218 Posts
yoza Reputation: 200-299 yoza Reputation: 200-299 yoza Reputation: 200-299
Quote:
Originally Posted by CZC View Post
I've looked there before but for some reason I couldn't see the binary
Thanks.
Try to download here:
(All release includes the latest ScyllaHide)
Code:
https://mega.nz/file/i1NCXJYK#T36KBmDZMKSKJhcjt16ISSARcTDm8XU63GtjwnEMY8Q
Reply With Quote
The Following 3 Users Say Thank You to yoza For This Useful Post:
ahmadmansoor (05-15-2023), alekine322 (11-03-2023), pnta (11-03-2023)
  #6  
Old 04-25-2023, 21:54
Turkuaz Turkuaz is offline
Family
 
Join Date: Sep 2017
Posts: 161
Rept. Given: 3
Rept. Rcvd 7 Times in 4 Posts
Thanks Given: 39
Thanks Rcvd at 136 Times in 49 Posts
Turkuaz Reputation: 7
Quote:
Originally Posted by yoza View Post
Try to download here:
(All release includes the latest ScyllaHide)
Code:
https://mega.nz/file/i1NCXJYK#T36KBmDZMKSKJhcjt16ISSARcTDm8XU63GtjwnEMY8Q
The file you are trying to download is no longer available
Reply With Quote
The Following User Gave Reputation+1 to Turkuaz For This Useful Post:
bolo2002 (12-13-2023)
  #7  
Old 04-25-2023, 23:50
uranus64 uranus64 is offline
VIP
 
Join Date: Mar 2011
Location: EE
Posts: 315
Rept. Given: 595
Rept. Rcvd 462 Times in 140 Posts
Thanks Given: 480
Thanks Rcvd at 241 Times in 82 Posts
uranus64 Reputation: 400-499 uranus64 Reputation: 400-499 uranus64 Reputation: 400-499 uranus64 Reputation: 400-499 uranus64 Reputation: 400-499
Quote:
Originally Posted by Turkuaz View Post
The file you are trying to download is no longer available
Link is good and works. Try use VPN or something. Tested right now !
Reply With Quote
  #8  
Old 04-27-2023, 00:01
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 614
Rept. Given: 111
Rept. Rcvd 14 Times in 13 Posts
Thanks Given: 217
Thanks Rcvd at 238 Times in 152 Posts
bolo2002 Reputation: 14
Quote:
Originally Posted by uranus64 View Post
Link is good and works. Try use VPN or something. Tested right now !
working too.
__________________
I like this forum!
Reply With Quote
  #9  
Old 07-31-2023, 02:32
CrackDJ CrackDJ is offline
Friend
 
Join Date: May 2010
Posts: 76
Rept. Given: 43
Rept. Rcvd 28 Times in 16 Posts
Thanks Given: 30
Thanks Rcvd at 13 Times in 10 Posts
CrackDJ Reputation: 28
Very useful tool for packed themida, trying out now!
Reply With Quote
  #10  
Old 10-31-2023, 09:50
Asus Asus is offline
VIP
 
Join Date: Feb 2005
Posts: 585
Rept. Given: 112
Rept. Rcvd 27 Times in 13 Posts
Thanks Given: 127
Thanks Rcvd at 84 Times in 35 Posts
Asus Reputation: 28
I hope developer is still working on this tool and x64 app will be supported.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 14:21.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )