Quote:
Originally Posted by deepzero
The E8 imports should be doable with a script (attaching a pe section and putting the jump-thunk there then point the E8s at that). There is also a tool for this, but I dont have it anymore, ImportFixer 1.2 I think it was called.
But the real problem is obviously the VM. There is no public way to defeat it.
|
This is UIF (Universal Import Fixer) v1.2 by Magic_h2001 — it fixes Themida's E8-style "Directly Imports" in memory. But it's 32-bit only — won't work on our x64 target.