+- الفريق العربي للهندسة العكسية (https://www.at4re.net/f)
+-- قسم : منتديات الهندسة العكسية - Reverse Engineering Forums (https://www.at4re.net/f/forum-4.html)
+--- قسم : البرامج و أدوات الهندسة العكسية - RCE Tools (https://www.at4re.net/f/forum-29.html)
+---- قسم : برامج فحص الملفات - PE Scanning Tools (https://www.at4re.net/f/forum-38.html)
+---- الموضوع : Exeinfo 0.0.8.3 (/thread-3807.html)
Exeinfo 0.0.8.3 - motaghred - 09-04-2024
Added pack .lzma , .lzma Undetectable , .lzma unpacker
config : added [Internet Browset ] change to user path
Viewer : added [ Save to File - window log ]
fixed VMprotect v3.5+
added : Inno unpacker script view
Exe Rippers - save to created Directory : !Rip_exe_{file_name}
added overlay detector l + section ovl scan [ Python .Zlib Archive "PYZ"
added Function : Detect_BoxedApp_SDK32
Ripper .7z xor FF - fixed , detect crypted 7z v.0.4 in Advanced Installer [ v19.x ]
Set Buffer for exe file : 336 MB
Lzma packer ( now you can send malware file via gmail ) :
exeinfope.exe FileName /plzma - pack file with lzma packer ( 7z compatible )
for many files ( mask files ) :
console mode - exeinfope.exe FileName* /plzma - pack file with lzma packer
exeinfope.exe FileName /plzma - pack file with lzma packer ( 7z compatible )
for many files ( mask files ) :
console mode - exeinfope.exe FileName* /plzma - pack file with lzma packer
Lzma unpacker :
exeinfope.exe FileName /ulzma - unpack file with lzma packer ( 7z compatible )
for many files ( mask files ) :
console mode - exeinfope.exe FileName* /ulzma - unpack file with lzma packer
exeinfope.exe FileName /ulzma - unpack file with lzma packer ( 7z compatible )
for many files ( mask files ) :
console mode - exeinfope.exe FileName* /ulzma - unpack file with lzma packer
update Obsidium v1.5 - 1.8.2.2
added detector for DLL 32bit : [ plugin for : AutoPlay Media Studio ] v8.5 http://www.indigorose.com
added detector for DLL 64bit : [ .PYD Python C Extensions library ]
added console mode :
unpack all exe files and Inno script from InnoSetup installer
( work only if you don't have installed Inno Extractor - Exeinfo Pe internal unpacker )
parameter example : exeinfope.exe file_name /unp-inno-exe
unpack all exe files and Inno script from InnoSetup installer
( work only if you don't have installed Inno Extractor - Exeinfo Pe internal unpacker )
parameter example : exeinfope.exe file_name /unp-inno-exe
added Skater v24.2.0.51 2024 ( protected DLL still not detected )
Delphi version resolver Added ( not 100% ) :
Delphi XE7 - v10.4 , Delphi v10.4 Sydney , Delphi v10.4 Rio , Delphi v11.0 Alexandria , Delphi v12 Yukon , Delphi v10.2 Tokyo , Delphi v10.1 Berlin
Delphi XE7 - v10.4 , Delphi v10.4 Sydney , Delphi v10.4 Rio , Delphi v11.0 Alexandria , Delphi v12 Yukon , Delphi v10.2 Tokyo , Delphi v10.1 Berlin
added Config GUI : Wow64 redirect
added [Internet Browset ] change to user path
added [Internet Browset ] change to user path
added Inno extractor - view inno script
added to NOT EXE - .7z 7-ZIP Archive v.0.4
[ AES - detected - password required ]
[ Mode : DEFLATE ]
[ Mode : P7Z_BCJ ]
[ Mode : LZMA:21 BCJ ]
[ AES - detected - password required ]
[ Mode : DEFLATE ]
[ Mode : P7Z_BCJ ]
[ Mode : LZMA:21 BCJ ]
added detector for protected 7zip : Ripper don't ripp "protected .7z archives by CryptoNickSof"
but Exeinfo PE detect it !
but Exeinfo PE detect it !