Manifold
/
vmprofiler
forked from vmp3/vmprofiler
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changed deobfuscation to keep register jumps

Browse Source
xtremegamer1 1 year ago
parent 80b5c20795
commit 1516e2a278
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
src/vminstrs.cpp
Unescape View File

@ -69,7 +69,7 @@ void deobfuscate(hndlr_trace_t& trace) {
break;
}
if (vm::utils::is_jmp(itr->m_instr)) {
if (vm::utils::is_jmp(itr->m_instr) && itr->m_instr.operands[0].type != ZYDIS_OPERAND_TYPE_REGISTER) {
uct_context_free(itr->m_cpu);
trace.m_instrs.erase(itr);
break;

Write Preview
Loading…
Cancel
Save