module name deob error

[ceesim]

I use the same target file ,under 2.1 , all is ok,but with 4.0 , errors occurs.

below is in 2.1 public virtual void AddContactToThreatList(Contact theContact) { if (this._Threats.Contains(theContact)) return; this._Threats.Add(theContact); }

tht's ok

below is in 4.0 public virtual void AddContactToThreatList(Contact theContact) { while (!this._Threats.Contains(theContact)) { int num = 0; if (\u003CModule\u003E\u007Bfa6f17c6\u002D332f\u002D4cdc\u002Db5a0\u002D75732f27f089\u007D.m_e65d593cc11a4827b2cafe7449027426 != 0) goto label_3; label_2: this._Threats.Add(theContact); if (\u003CModule\u003E\u007Bfa6f17c6\u002D332f\u002D4cdc\u002Db5a0\u002D75732f27f089\u007D.m_7755c96b29fa46dbb79a3a1db034ec2b == 0) break; num = 0; label_3: switch (num) { case 0: return; case 1: goto label_2; case 2: continue; default: return; } } }

Target obfuscated file I have post the target file days ago , it's the same. Screenshots If applicable, add screenshots to help explain your problem.

OS Version: win10 x64

[SychicBoy]

I have post the target file days ago

Re upload the files.

[ceesim]

https://drive.google.com/file/d/18qTpUKjEEEQNRvCDXwgvACneVYtaFEPF/view?usp=sharing

the file

[ceesim]

I use it with 2.1 , it works fine

[ceesim]

I tried it again and confirm it works in 2.1, but 4.0 not work .

[SychicBoy]

I use it with 2.1 , it works fine

Older versions deobfuscate cflow dynamically by invoking arithmetic fields, since invoking is not a stable solution and it's not working in some targets, I decided to make it works statically by finding the method where all arithmetic fields value being set, So since in your target assembly this method is virtualized cflow deobfuscation is not working.

[ceesim]

Thanks for the explaination. So In my case , is it possible to use the new version to unpack it ? or the new version will not support virtualize?

[SychicBoy]

No, virtualization is not supported yet. Maybe in feature versions.

[SychicBoy]

Duplicate of #2