ScyllaHide doenst work on VMProtect v2

x64dbg / ScyllaHide

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

GNU General Public License v3.0

3.37k stars 418 forks source link

ScyllaHide doenst work on VMProtect v2 #131

Open gurachan opened 2 years ago

gurachan commented 2 years ago

here's the sample https://disk.yandex.com/d/Dqk1qhxj6YV6cQ both are packed with a different version of vmprotect .. v3 and v2..

ScyllaHide works fine with v3 but not on v2.

Not Working: bypassing anti-debug

pass: test

lupier commented 2 years ago

file under password? are you serious?

Mattiwatti commented 2 years ago

The password on the archive is test.

lupier commented 2 years ago

No single detection. Try "break on system breakpoint"

EricPlayZ commented 1 year ago

Bump, I have the same issue here. Using the VMProtect preset, debugging an x86 executable packed with VMProtect 2, i get to the entry point, I try to attach ScyllaHide to the process and the process immediately crashes after injection... Never had this issue on VMProtect 3 though.