Hendi48
commented
7 months ago It seems your target is using more lightweight settings than others, e.g. its .text section is not encrypted/compressed. I'll see what I can do.
Closed OptiJuegos closed 6 months ago
Hendi48
commented
7 months ago It seems your target is using more lightweight settings than others, e.g. its .text section is not encrypted/compressed. I'll see what I can do.
OptiJuegos
commented
7 months ago Here is the EXE if you wanna try it: https://www.mediafire.com/file/wuot9zxm5u35saa/OptiCraft_1.7.3.1_By_OptiJuegos.7z/file
Hendi48
commented
7 months ago This should be working now with release 2024-05-05, please check.
OptiJuegos
commented
7 months ago Works great! With older versions of the game, on new ones i'm having some issues
When unpacking 1.18.31, 0xc0000005 error appears
And 1.20.10, crashees on launch on my Windows 8.0 machine. But on win10 it doesn't
(crash windows 8.0)
i will try to unpack 1.18 & 1.20 in windows 8, to see if the problem fixes
OptiJuegos
commented
7 months ago If you need to test it: 1.18.31: https://www.mediafire.com/file/snrlqprwhucgwzm/OptiCraft_1.18.31_By_OptiJuegos.7z/file 1.20.10: https://www.mediafire.com/file/if7vo48hlkun1rd/OptiCraft+1.20.10+By+OptiJuegos.7z/file
OptiJuegos
commented
7 months ago When dumping 1.20 exe on a Windows 7 x86 and trying it on W10 x64, same crash as windows 8.0 happends
Hendi48
commented
6 months ago The new ones have had virtualization applied. In 1.20, the crash comes from the VM entered at 01537EAC - you can see a jmp into the Themida section. The VM has an anti-dump check. Unfortunately Magicmida cannot fix this (and probably won't ever be able to).
OptiJuegos
commented
6 months ago What a shame, its strange because it works on certains windows and in one ir doesn't (probably VM), idk if also 1.18 has anti dump enabled
El mar, 7 de may. de 2024 19:06, Hendi48 @.***> escribió:
The new ones have had virtualization applied. In 1.20, the crash comes from the VM entered at 01537EAC - you can see a jmp into the Themida section. The VM has an anti-dump check. Unfortunately Magicmida cannot fix this (and probably won't ever be able to).
— Reply to this email directly, view it on GitHub https://github.com/Hendi48/Magicmida/issues/16#issuecomment-2099393505, or unsubscribe https://github.com/notifications/unsubscribe-auth/AWOX3VKPGSFE3QQKPWHU3XLZBFF55AVCNFSM6AAAAABHBOI5UWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAOJZGM4TGNJQGU . You are receiving this because you authored the thread.Message ID: @.***>
Hendi48
commented
6 months ago What a shame, its strange because it works on certains windows and in one ir doesn't (probably VM), idk if also 1.18 has anti dump enabled
Yeah, 1.18 is the same. Note that even if the unpacked application appears to be working on one computer, it won't anymore after a reboot, due to ASLR.
I can manually fix this sort of anti-dump in unpacked binaries, but it's annoying work that I don't do for free. If you're interested in that, message me on Discord (name's the same as here).
OptiJuegos
commented
6 months ago Thanks for the information, i already sent you friend request to discord so we can talk about it.
Hello, i'm having issues while unpacking an app with Themida 2 x86
The problem is that the application never finishes the unpacking process, it just works like normal and magicmida stucks there loading the threads and codes
https://github.com/Hendi48/Magicmida/assets/94207445/a151408d-4c72-4787-a4e8-815fe4227540
I tried custom settings from scylla_hide but nothing, maybe there is some custom option to fix it?