Skip to content
This repository was archived by the owner on Mar 24, 2022. It is now read-only.
/ HexRaysDeob Public archive
forked from RolfRolles/HexRaysDeob

Hex-Rays microcode API plugin for breaking an obfuscating compiler

License

GPL-3.0 license
81 stars 136 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vmware-archive/HexRaysDeob

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
bin
bin
 
 
AllocaFixer.cpp
AllocaFixer.cpp
 
 
AllocaFixer.hpp
AllocaFixer.hpp
 
 
CFFlattenInfo.cpp
CFFlattenInfo.cpp
 
 
CFFlattenInfo.hpp
CFFlattenInfo.hpp
 
 
Config.hpp
Config.hpp
 
 
DefUtil.cpp
DefUtil.cpp
 
 
DefUtil.hpp
DefUtil.hpp
 
 
HexRaysDeob.sln
HexRaysDeob.sln
 
 
HexRaysDeob.vcxproj
HexRaysDeob.vcxproj
 
 
HexRaysDeob.vcxproj.filters
HexRaysDeob.vcxproj.filters
 
 
HexRaysDeob.vcxproj.user
HexRaysDeob.vcxproj.user
 
 
HexRaysUtil.cpp
HexRaysUtil.cpp
 
 
HexRaysUtil.hpp
HexRaysUtil.hpp
 
 
LICENSE
LICENSE
 
 
MicrocodeExplorer.cpp
MicrocodeExplorer.cpp
 
 
MicrocodeExplorer.hpp
MicrocodeExplorer.hpp
 
 
PatternDeobfuscate.cpp
PatternDeobfuscate.cpp
 
 
PatternDeobfuscate.hpp
PatternDeobfuscate.hpp
 
 
PatternDeobfuscateUtil.cpp
PatternDeobfuscateUtil.cpp
 
 
PatternDeobfuscateUtil.hpp
PatternDeobfuscateUtil.hpp
 
 
README.org
README.org
 
 
TargetUtil.cpp
TargetUtil.cpp
 
 
TargetUtil.hpp
TargetUtil.hpp
 
 
Unflattener.cpp
Unflattener.cpp
 
 
Unflattener.hpp
Unflattener.hpp
 
 
main.cpp
main.cpp
 
 
makefile
makefile
 
 
makefile.lnx
makefile.lnx
 
 

Repository files navigation

HexRaysDeob for APT10 ANEL

This is a forked repository of HexRaysDeob for defeating APT10 ANEL code obfuscations.

This plugin supports IDA 7.3 only.

The tested hashes are:

  • 3d2b3c9f50ed36bef90139e6dd250f140c373664984b97a97a5a70333387d18d (5.4.1 dropped payload)
  • f333358850d641653ea2d6b58b921870125af1fe77268a6fdfeda3e7e0fb636d (5.5.0 rev1 loader DLL)

About

Hex-Rays microcode API plugin for breaking an obfuscating compiler

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity
Custom properties

Stars

81 stars

Watchers

11 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C++ 97.2%
  • Makefile 2.8%