stuxnet147 / PyVMHunt

Experimental implementation of vmhunt. 64-bit support.

PyVMHunt

Experimental implementation of vmhunt. 64-bit support.

Trace

I traced the binary with triton

Test1 proc
  db      0ebh, 10h
  dd      20204c57h
  dd      107
  dd      0
  dd      20204c57h
  xor rax, rax
  add rax, 0DEADC0DEh
  add rax, 0DEADC0DEh
  add rax, 0DEADC0DEh
  sub rax, 0DEADC0DEh
  sub rax, 0DEADC0DEh
  sub rax, 0DEADC0DEh
  add rax, 0DEADC0DEh
  db      0ebh, 10h
  dd      20204c57h
  dd      507
  dd      0
  dd      20204c57h
  ret
Test1 endp

https://github.com/stuxnet147/PyVMHunt/releases/download/main/instrace.txt (Themida Fish64 White)

Reference

About

Experimental implementation of vmhunt. 64-bit support.

Languages

Language:Python 100.0%