VMProfiler  v1.8
vmprofiler is a c++ library which is used to statically analyze VMProtect 2 polymorphic virtual machines. This project is inherited in vmprofiler-qt, vmprofiler-cli, and vmemu.
Classes | Namespaces | Typedefs | Enumerations | Variables
vmprofiles.hpp File Reference
#include <transform.hpp>

Go to the source code of this file.

Classes

struct  vm::handler::profile_t
 pre defined vm handler profile containing all compiled time known information about a vm handler... More...
 

Namespaces

 vm
 
 vm::handler
 contains all information pertaining to vm handler identification...
 
 vm::handler::profile
 contains all profiles defined, as well as a vector of all of the defined profiles...
 

Typedefs

using vm::handler::zydis_callback_t = std::function< bool(const zydis_decoded_instr_t &instr) >
 zydis callback lambda used to pattern match native instructions... More...
 

Enumerations

enum  vm::handler::mnemonic_t {
  vm::handler::INVALID , vm::handler::LRFLAGS , vm::handler::PUSHVSP , vm::handler::MULQ ,
  vm::handler::DIVQ , vm::handler::CALL , vm::handler::JMP , vm::handler::VMEXIT ,
  vm::handler::LVSP , vm::handler::SREGQ , vm::handler::SREGDW , vm::handler::SREGW ,
  vm::handler::LREGQ , vm::handler::LREGDW , vm::handler::LCONSTQ , vm::handler::LCONSTBZXW ,
  vm::handler::LCONSTBSXQ , vm::handler::LCONSTBSXDW , vm::handler::LCONSTDWSXQ , vm::handler::LCONSTWSXQ ,
  vm::handler::LCONSTWSXDW , vm::handler::LCONSTDW , vm::handler::LCONSTW , vm::handler::READQ ,
  vm::handler::READDW , vm::handler::READW , vm::handler::WRITEQ , vm::handler::WRITEDW ,
  vm::handler::WRITEW , vm::handler::WRITEB , vm::handler::ADDQ , vm::handler::ADDDW ,
  vm::handler::ADDW , vm::handler::SHLQ , vm::handler::SHLDW , vm::handler::SHRQ ,
  vm::handler::SHRW , vm::handler::NANDQ , vm::handler::NANDDW , vm::handler::NANDW
}
 vm handler mnemonic... so you dont need to compare strings! More...
 
enum  vm::handler::extention_t { vm::handler::none , vm::handler::sign_extend , vm::handler::zero_extend }
 how sign extention is handled... More...
 

Variables

vm::handler::profile_t vm::handler::profile::sregq
 
vm::handler::profile_t vm::handler::profile::sregdw
 
vm::handler::profile_t vm::handler::profile::sregw
 
vm::handler::profile_t vm::handler::profile::lregq
 
vm::handler::profile_t vm::handler::profile::lregdw
 
vm::handler::profile_t vm::handler::profile::lconstq
 mov rax, [rsi] xor rax, rbx ; transformation bswap rax ; transformation lea rsi, [rsi+8] ; advance VIP… rol rax, 0Ch ; transformation inc rax ; transformation xor rbx, rax ; transformation (update rolling decrypt key) sub rbp, 8 mov [rbp+0], rax More...
 
vm::handler::profile_t vm::handler::profile::lconstdw
 mov eax, [rsi-0x04] bswap eax add eax, ebx dec eax neg eax xor eax, 0x2FFD187C push rbx add [rsp], eax pop rbx sub rbp, 0x04 mov [rbp], eax add rsi, 0xFFFFFFFFFFFFFFFC More...
 
vm::handler::profile_t vm::handler::profile::lconstw
 
vm::handler::profile_t vm::handler::profile::lconstbzxw
 
vm::handler::profile_t vm::handler::profile::lconstbsxdw
 
vm::handler::profile_t vm::handler::profile::lconstbsxq
 
vm::handler::profile_t vm::handler::profile::lconstdwsxq
 
vm::handler::profile_t vm::handler::profile::lconstwsxq
 
vm::handler::profile_t vm::handler::profile::lconstwsxdw
 
vm::handler::profile_t vm::handler::profile::addq
 mov rax, [rbp+0] add [rbp+8], rax pushfq pop qword ptr [rbp+0] More...
 
vm::handler::profile_t vm::handler::profile::adddw
 mov ax, [rbp] sub rbp, 0x06 add [rbp+0x08], ax pushfq pop [rbp] More...
 
vm::handler::profile_t vm::handler::profile::addw
 
vm::handler::profile_t vm::handler::profile::shlq
 
vm::handler::profile_t vm::handler::profile::shldw
 
vm::handler::profile_t vm::handler::profile::nandq
 
vm::handler::profile_t vm::handler::profile::nanddw
 
vm::handler::profile_t vm::handler::profile::nandw
 
vm::handler::profile_t vm::handler::profile::writeq
 
vm::handler::profile_t vm::handler::profile::writedw
 
vm::handler::profile_t vm::handler::profile::writeb
 
vm::handler::profile_t vm::handler::profile::readq
 
vm::handler::profile_t vm::handler::profile::readdw
 
vm::handler::profile_t vm::handler::profile::shrq
 
vm::handler::profile_t vm::handler::profile::shrw
 
vm::handler::profile_t vm::handler::profile::lrflags
 
vm::handler::profile_t vm::handler::profile::call
 mov rdx, [rbp] add rbp, 0x08 call rdx More...
 
vm::handler::profile_t vm::handler::profile::pushvsp
 
vm::handler::profile_t vm::handler::profile::mulq
 
vm::handler::profile_t vm::handler::profile::divq
 mov rdx, [rbp] mov rax, [rbp+0x08] div [rbp+0x10] mov [rbp+0x08], rdx mov [rbp+0x10], rax pushfq pop [rbp] More...
 
vm::handler::profile_t vm::handler::profile::jmp
 mov esi, [rbp] add rbp, 0x08 lea r12, [0x0000000000048F29] mov rax, 0x00 ; image base bytes above 32bits... add rsi, rax mov rbx, rsi ; update decrypt key add rsi, [rbp] ; add module base address More...
 
vm::handler::profile_t vm::handler::profile::lvsp
 mov rbp [rbp+0] More...
 
vm::handler::profile_t vm::handler::profile::vmexit
 
std::vector< vm::handler::profile_t * > vm::handler::profile::all
 a vector of pointers to all defined vm handler profiles... More...
 
Generated by doxygen 1.9.1