added vmprofiler, added xtils, added zydis, making vmemu_t

4 years ago · 50bc06418f
parent 3e28fedf4d
commit 50bc06418f
9 changed files with 332 additions and 1 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -4,3 +4,9 @@
 [submodule "dependencies/cli-parser"]
 	path = dependencies/cli-parser
 	url = https://githacks.org/_xeroxz/cli-parser.git
+[submodule "dependencies/xtils"]
+	path = dependencies/xtils
+	url = https://githacks.org/_xeroxz/xtils.git
+[submodule "dependencies/vmprofiler"]
+	path = dependencies/vmprofiler
+	url = https://githacks.org/gavz/vmprofiler.git
--- a/dependencies/vmprofiler
+++ b/dependencies/vmprofiler
@ -0,0 +1 @@
+Subproject commit a05293ab21c93c024792a8064a8344241b947f81
--- a/dependencies/xtils
+++ b/dependencies/xtils
@ -0,0 +1 @@
+Subproject commit 09d0342da61c74b08a95ee284a8b25c742ca89c1
--- a/vmemu.sln
+++ b/vmemu.sln
@ -5,6 +5,8 @@ VisualStudioVersion = 16.0.30907.101
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "vmemu", "vmemu\vmemu.vcxproj", "{B94A9F63-113F-4F80-A962-2E949A0D4826}"
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "vmprofiler", "dependencies\vmprofiler\src\vmprofiler.vcxproj", "{D0B6092A-9944-4F24-9486-4B7DAE372619}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Release|x64 = Release|x64
@ -12,6 +14,8 @@ Global
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
 		{B94A9F63-113F-4F80-A962-2E949A0D4826}.Release|x64.ActiveCfg = Release|x64
 		{B94A9F63-113F-4F80-A962-2E949A0D4826}.Release|x64.Build.0 = Release|x64
+		{D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.ActiveCfg = Release|x64
+		{D0B6092A-9944-4F24-9486-4B7DAE372619}.Release|x64.Build.0 = Release|x64
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
--- a/vmemu/main.cpp
+++ b/vmemu/main.cpp
@ -1,6 +1,7 @@
 #include <iostream>
 #include <unicorn/unicorn.h>
 #include <cli-parser.hpp>
+#include "vmemu_t.hpp"

 int __cdecl main(int argc, const char* argv[])
 {
@ -19,6 +20,7 @@ int __cdecl main(int argc, const char* argv[])
 		.name("--imagebase").required("true")
 		.description("image base from optional PE header...");

+	parser.enable_help();
 	auto result = parser.parse(argc, argv);

 	if (result)
@ -28,4 +30,22 @@ int __cdecl main(int argc, const char* argv[])

 		return -1;
 	}
+
+	if (parser.exists("help"))
+	{
+		parser.print_help();
+		return 0;
+	}
+
+	const auto vm_entry_rva = std::strtoull(
+		parser.get<std::string>("vmentry").c_str(), nullptr, 16);
+
+	const auto image_base = std::strtoull(
+		parser.get<std::string>("imagebase").c_str(), nullptr, 16);
+
+	const auto module_base = reinterpret_cast<std::uintptr_t>(
+		LoadLibraryExA(parser.get<std::string>("vmpbin").c_str(), 
+			NULL, DONT_RESOLVE_DLL_REFERENCES));
+
+	vm::emu_t emu(vm_entry_rva, image_base, module_base);
 }
--- a/vmemu/vmemu.vcxproj
+++ b/vmemu/vmemu.vcxproj
@ -33,7 +33,7 @@
  <PropertyGroup Label="UserMacros" />
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <LinkIncremental>false</LinkIncremental>
-    <IncludePath>$(Project)..\dependencies\cli-parser;$(Project)..\dependencies\unicorn\include;$(IncludePath)</IncludePath>
+    <IncludePath>$(Project)..\dependencies\cli-parser;$(Project)..\dependencies\unicorn\include;$(Project)..\dependencies\xtils;$(IncludePath)</IncludePath>
  </PropertyGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <ClCompile>
@ -55,6 +55,7 @@
  </ItemDefinitionGroup>
  <ItemGroup>
    <ClCompile Include="main.cpp" />
+    <ClCompile Include="vmemu_t.cpp" />
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="..\dependencies\cli-parser\cli-parser.hpp" />
@ -69,6 +70,63 @@
    <ClInclude Include="..\dependencies\unicorn\include\unicorn\sparc.h" />
    <ClInclude Include="..\dependencies\unicorn\include\unicorn\unicorn.h" />
    <ClInclude Include="..\dependencies\unicorn\include\unicorn\x86.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\transform.hpp" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\vm.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmctx.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmp2.hpp" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmprofiler.hpp" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmutils.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\ZycoreExportConfig.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Allocator.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Memory.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Process.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Synchronization.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Terminal.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Thread.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\ArgParse.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Bitset.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Comparison.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Defines.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Format.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\LibC.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\List.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Object.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Status.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\String.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Types.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Vector.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Zycore.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\ZydisExportConfig.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Decoder.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\DecoderTypes.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Formatter.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\FormatterBuffer.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumInstructionCategory.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumISAExt.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumISASet.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumMnemonic.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumRegister.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\DecoderData.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterATT.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterBase.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterIntel.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\SharedData.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\String.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\MetaInfo.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Mnemonic.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Register.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\SharedTypes.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\ShortString.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Status.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Utils.h" />
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Zydis.h" />
+    <ClInclude Include="..\dependencies\xtils\xtils\xtils.hpp" />
+    <ClInclude Include="vmemu_t.hpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\dependencies\vmprofiler\src\vmprofiler.vcxproj">
+      <Project>{d0b6092a-9944-4f24-9486-4b7dae372619}</Project>
+    </ProjectReference>
  </ItemGroup>
  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
  <ImportGroup Label="ExtensionTargets">
--- a/vmemu/vmemu.vcxproj.filters
+++ b/vmemu/vmemu.vcxproj.filters
@ -15,11 +15,32 @@
    <Filter Include="Header Files\unicorn\unicorn">
      <UniqueIdentifier>{a871bdc5-3faf-4d03-9f95-45d59e394562}</UniqueIdentifier>
    </Filter>
+    <Filter Include="Header Files\vmprofiler">
+      <UniqueIdentifier>{9fb4cc4f-eb2f-49e3-b680-56e43aa3c1e5}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files\vmprofiler\Zydis">
+      <UniqueIdentifier>{2a9e2ea7-67f2-408b-b125-f1dac9a81696}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files\vmprofiler\Zydis\Internal">
+      <UniqueIdentifier>{ea6cc84d-2152-46e5-81ea-195dfa58bf37}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files\vmprofiler\Zydis\Generated">
+      <UniqueIdentifier>{ab91c846-5e2a-4b0f-b119-28b56f5136e9}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files\vmprofiler\Zycore">
+      <UniqueIdentifier>{b2469cba-4a7f-4f5c-b60d-17cd07278695}</UniqueIdentifier>
+    </Filter>
+    <Filter Include="Header Files\vmprofiler\Zycore\API">
+      <UniqueIdentifier>{c4e9ba60-a20a-4a30-9c6b-a188c298c957}</UniqueIdentifier>
+    </Filter>
  </ItemGroup>
  <ItemGroup>
    <ClCompile Include="main.cpp">
      <Filter>Source Files</Filter>
    </ClCompile>
+    <ClCompile Include="vmemu_t.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <ClInclude Include="..\dependencies\unicorn\include\list.h">
@ -58,5 +79,161 @@
    <ClInclude Include="..\dependencies\cli-parser\cli-parser.hpp">
      <Filter>Header Files</Filter>
    </ClInclude>
+    <ClInclude Include="vmemu_t.hpp">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\xtils\xtils\xtils.hpp">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\transform.hpp">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\vm.h">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmctx.h">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmp2.hpp">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmprofiler.hpp">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\vmutils.h">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\ZycoreExportConfig.h">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\ZydisExportConfig.h">
+      <Filter>Header Files\vmprofiler</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Decoder.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\DecoderTypes.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Formatter.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\FormatterBuffer.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\MetaInfo.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Mnemonic.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Register.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\SharedTypes.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\ShortString.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Status.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Utils.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Zydis.h">
+      <Filter>Header Files\vmprofiler\Zydis</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\DecoderData.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterATT.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterBase.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\FormatterIntel.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\SharedData.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Internal\String.h">
+      <Filter>Header Files\vmprofiler\Zydis\Internal</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumInstructionCategory.h">
+      <Filter>Header Files\vmprofiler\Zydis\Generated</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumISAExt.h">
+      <Filter>Header Files\vmprofiler\Zydis\Generated</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumISASet.h">
+      <Filter>Header Files\vmprofiler\Zydis\Generated</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumMnemonic.h">
+      <Filter>Header Files\vmprofiler\Zydis\Generated</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zydis\Generated\EnumRegister.h">
+      <Filter>Header Files\vmprofiler\Zydis\Generated</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Allocator.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\ArgParse.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Bitset.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Comparison.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Defines.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Format.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\LibC.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\List.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Object.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Status.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\String.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Types.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Vector.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\Zycore.h">
+      <Filter>Header Files\vmprofiler\Zycore</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Memory.h">
+      <Filter>Header Files\vmprofiler\Zycore\API</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Process.h">
+      <Filter>Header Files\vmprofiler\Zycore\API</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Synchronization.h">
+      <Filter>Header Files\vmprofiler\Zycore\API</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Terminal.h">
+      <Filter>Header Files\vmprofiler\Zycore\API</Filter>
+    </ClInclude>
+    <ClInclude Include="..\dependencies\vmprofiler\include\Zycore\API\Thread.h">
+      <Filter>Header Files\vmprofiler\Zycore\API</Filter>
+    </ClInclude>
  </ItemGroup>
 </Project>
--- a/vmemu/vmemu_t.cpp
+++ b/vmemu/vmemu_t.cpp
@ -0,0 +1,43 @@
+#include "vmemu_t.hpp"
+
+namespace vm
+{
+	emu_t::emu_t(std::uint32_t vm_entry_rva, 
+		std::uintptr_t image_base, std::uintptr_t module_base)
+		: 
+		module_base(module_base), 
+		image_base(image_base),
+		vm_entry_rva(vm_entry_rva)
+	{
+		auto err = uc_open(UC_ARCH_X86, UC_MODE_64, &uc);
+
+		if (err) 
+			throw std::exception("failed to init unicorn", err);
+
+		const auto image_size =
+			NT_HEADER(module_base)->OptionalHeader.SizeOfImage;
+
+		const auto vm_entry = vm_entry_rva + module_base;
+		constexpr auto stack_addr = 0x1000000;
+
+		// allocate space for module...
+		uc_mem_map(uc, module_base, image_size, UC_PROT_ALL);
+
+		// allocate 6 pages for stack...
+		uc_mem_map(uc, stack_addr, 0x1000 * 6, UC_PROT_READ | UC_PROT_WRITE);
+
+		// write the module into memory...
+		uc_mem_write(uc, module_base, reinterpret_cast<void*>(module_base), image_size);
+
+		// set vm_entry into RIP...
+		uc_reg_write(uc, UC_X86_REG_RIP, &vm_entry);
+
+		// set stack address up...
+		uc_reg_write(uc, UC_X86_REG_RSP, &stack_addr);
+	}
+
+	emu_t::~emu_t()
+	{
+		uc_close(uc);
+	}
+}
--- a/vmemu/vmemu_t.hpp
+++ b/vmemu/vmemu_t.hpp
@ -0,0 +1,21 @@
+#pragma once
+#include <exception>
+#include <cstdint>
+#include <unicorn/unicorn.h>
+#include <xtils/xtils.hpp>
+
+namespace vm
+{
+	class emu_t
+	{
+	public:
+		explicit emu_t(std::uint32_t vm_entry_rva, 
+			std::uintptr_t image_base, std::uintptr_t module_base);
+
+		~emu_t();
+	private:
+		std::uintptr_t image_base, module_base;
+		std::uint32_t vm_entry_rva;
+		uc_engine* uc;
+	};
+}
				`@ -0,0 +1 @@`
				`Subproject commit a05293ab21c93c024792a8064a8344241b947f81`
				`@ -0,0 +1 @@`
				`Subproject commit 09d0342da61c74b08a95ee284a8b25c742ca89c1`