A bit of history
MoleBox 2 was released in year 2003 and it was one of the first file virtualization solutions in the market. It bundled executable with the DLL and data files into a single EXE file. At that time that was something new and innovative.
They had quite a success and released another product (MoleBox Ultra, later renamed to MoleBox Virtualization Solution) in year 2009. Apparently it was very hard to fight in the increasingly more competitive market of application virtualization solutions and the last version of MoleBox Virtualization Solution was released in 2013.
Game over
In February 2016 domain molebox.com was sold for $1526. Yesterday their web server started serving generic WordPress page with dating-related spam. And that is just sad. ๐
Release of static unpacker
However, both editions of MoleBox are still very popular with private game server owners, as they allow to bundle patched EXE files together with their custom data files. It's not a bullet-proof security but stops newbies from stealing their valuable data.
Since the MoleBox company is officially out of business now, I have no more reasons to keep my static Molebox unpacker private. It supports most versions of MoleBox 2.x including the external box files.
Have fun guys!
Download link: see October update to Molebox unpacker for an updated version.
P.S. This post was made just because I noticed changes in MoleBox web, I wasn't planning to release the unpacker today. So, please keep in mind this code was written in year 2009 and has had only one small fix applied in 2015. It's likely that you'll encounter some bugs and quirks - please send me the problematic file and I'll fix the bug. ๐
P.P.S. I have static unpacker for MoleBox Virtualization Solution as well. But it doesn't have a nice UI yet, so it will be released on a later day.
Maybe something new will show up in the near future, who knows ๐
Based on my research, all sites related to DesaNova Ltda/Teggo are now defunct. So, even if something new appears, it's not likely to be good... ๐
Or do you know something that I don't?
I hope you will also relase the unpacker for MoleBox Virtualization Solution.
I will eventually. I just need some time to polish the UI.. ๐
Thanks, Im looking forward to it. ๐
I would like to ask a some expert advice from you via pm. If you can spare some time this is my email <email_removed>, thanks you.
You can ask your questions here or send me an email (see bottom of the page).
Haha yeah i saw your email below after i posted my comment. And also i already sent you an email, been waiting for your reply. ๐
Hey kao, i couldn't wait for your reply in my email. Haha Its kind of urgent. What can you recommend for me a obfuscator that works like molebox but is hard to deobfuscate? I am willing to buy a licensed app because we are using it to pack our .exe and some custom files s that no can can steal our work or edit our .exe to hack. One in my mind is boxedapp Thanks.
I already answered in email. ๐
BoxedApp doesn't provide any protection - all embedded files are stored non-encrypted in the ".bxpck" section of the file. Even the zlib compression (added i v3.3.0.20) is optional and must be explicitly enabled by the user.
Same thing here. As a satisfied user of molebox, I am quite disappointed that it disappeared. I'd be glad to hear that an alternative is available. I tried Enigma but, to say the truth, I got lost in its GUI...
I hope Olga and Alexey come with some brand new stuff. But I understand the chances are low.
How do I unpack the external package (external package is a separate file, executable file will searches it in the current directory when starts)?
Load executable file in my unpacker, it should find and unpack all external packages automatically.
I packed executable file that contains external packet, but has not been unpacked:{hidden link}
Pack configure:{hidden link}
Screenshots are nice, but please upload your packed file, so I can test it.
The original file, packaged and the unpacked files are contained: {link removed}
Thank you for your time and effort! ๐ I will check the files out and fix the unpacker, if necessary.
Please try the updated version 0.42: https://www.mediafire.com/?6eo0afesssieb1d
Now it will try to open external box files, even if flags say "No embedded files" - counterintuitive but apparently that's how Molebox works.
If you notice any other issues, please let me know!
Thank you for the update, I tested it is work well!
Great work as usual ... and great attitude to share your research and your HUGE knowledge. You're awesome. ๐
Thanks and Best Regards,
Tony
Glad you like it. ๐
I wanted to ask if you can either create a molebox key generator or a tool to change the PE signature. Due to some virus writers using molebox some apps we packed using molebox shows false positives as a cirus signature. Wanna try?
Molebox key generator would not solve False Positive problem. Furthermore, last time I checked, it was not possible to make one.
If you have legitimate software, just sign it with digital signature and work with AV companies to make sure your software is not detected.
If your software is not legit.. Well, that's not my problem. ๐
Hi,
I tried your unpacker v0.42 on this : {link removed}
It works for some files but,
The thing is the "HNK beta 630.exe" seems to look in a chars, stages encrypted folder (the things I'm looking for are inside) and the unpacker don't extract those folders.
Sorry for my bad english...
Thank you, I will check that. ๐
Yes, it's a small bug, thank you for reporting it!
Please copy demolition.exe to the same folder where HNK beta 630.exe, stages, data2 and other files are. Then it will find and unpack all files correctly.
de-mole-ition v0.42, compiled on 21.04.2016 20:00:00 [i] Loading file: HNK beta 630.exe [i] Relocating sections [i] Decoding loader [i] Molebox Pro v2.2534 [i] Original Section headers at offset 0x000C6744 (6) UPX0 0007B000 00001000 00000000 00000000 E0000080 UPX1 00048000 0007C000 00047600 00001000 E0000040 UPX2 00001000 000C4000 00000200 00048600 C0000040 .text 00011ABF 000C5000 0000B600 00048800 E0000040 .rdata 00000D76 000D7000 00000E00 00053E00 E0000040 .data 00007110 000D8000 00001C00 00054C00 E0000040 [i] Loading control information [i] Decrypting File System [i] Verifying File System MD5 [i] Parsing File System [i] Total files: 5 pFileName - cDataOffs - fileSize - flags ---- FileName ------------------------------------------------------ 00000000 00056844 00086000 00000033 ALLEG40.DLL 0000000C 00124C6A 00000A10 00000033 mugenw.log 00000017 00125683 000000F7 00000033 WinMugen.ini 00000024 00125787 0000D000 00000033 zlib.dll 0000002D 001327A8 0004B438 00000033 _splashscreen.bmp [i] BOX wildcard = *.* [i] Checking file = chars [i] Decrypting File System [i] Verifying File System MD5 [i] Parsing File System [i] Total files: 204 pFileName - cDataOffs - fileSize - flags ---- FileName ------------------------------------------------------ 00000000 00000024 00000300 00000033 chars\falco\falco.act 00000016 00000336 0001E574 00000033 chars\falco\falco.air 0000002C 0001E8BC 0000B5DE 00000033 chars\falco\falco.cmd 00000042 00029EA4 00013476 00000033 chars\falco\falco.cns 00000058 0003D324 0000030E 00000033 chars\falco\falco.def 0000006E 0003D700 0030ACD6 00000033 chars\falco\falco.sff 00000084 00348470 0022EA85 00000033 chars\falco\falco.snd 0000009A 00576EFB 00000300 00000033 chars\falco\falco2.act 000000B1 00577205 00000300 00000033 chars\falco\falco3.act 000000C8 00577513 00000300 00000033 chars\falco\falco4.act 000000DF 00577825 00000300 00000033 chars\falco\falco5.act 000000F6 00577B2B 00000300 00000033 chars\falco\falco6.act 0000010D 00577E35 00000300 00000033 chars\falco\falcoanime.act 00000128 00578143 00000300 00000033 chars\falco\falcoanime2.act 00000144 00578455 00000300 00000033 chars\falco\falcoanime3.act 00000160 0057875B 00000300 00000033 chars\falco\falcoanime4.act 0000017C 00578A65 00000300 00000033 chars\falco\falcoanime5.act 00000198 00578D73 00000300 00000033 chars\falco\falcoanime6.act ...Oh thanks a lot!
One more thing...
Can you look at "chars\falco\falco.def" (open with notepad) and you will see some invalid random code (ยฃkยง +) at the bottom end of the code.
Files with cns, cmd, def extensions (just txt files in fact) have all these random errors codes at the end. I can remove them manually but maybe there is something to do at your side.
Thanks again for you time.
Answered in email.
Hello,
Thanks for this awesome released program. I tried and it create unpacked.ex. what should I do ? Please help me. Thanks a lot.
That is the unpacked EXE file.
Just rename it to whatever you like (for example, unpacked.exe) and do whatever you want with it. If you run it, it should work just like your original EXE file.
Or if not, can you help me unpack this: [LINK REMOVED]
Thanks so much.
It gets unpacked just fine, see my previous comment.
Thanks so much, you saved my days.
I can not unpack external files. I dont know why. Im sending the link of files to your email. Thank you.
Responded via email. ๐
Im trying to unpack game, but it says "Not a PE file"
How to solve this?
Give the correct EXE or DLL file to the unpacker. ๐
my problem almost same with Dura and same engine (mugen), the unpacker can't extract the file inside .exe
Please upload file to mega.co.nz or mediafire.com and send me the link. I'll look at it (probably next week).
here's the link bro : {link_removed}
Umm it is possible to unpack that file? :\
Sorry, I totally forgot about your request. Of course, it is possible. ๐
https://mega.nz/#!FoJwla7S!r-JPSJ7HQTic4AXwea9J-QdjOBo4GNZDwQorlPNTIu0
thank you very much (i've been waiting so long xD), i hope you can published unpacker for MoleBox Virtualization quickly ๐
As you can see, there are so many requests and so limited amount of free time.. ๐ Therefore I prefer not to make any promises..
Good day sir , how to encrypt .dat .pak they used enigma and molebox virtualization to encrypt .dat .pak
i mean to decrypt .dat .pak
Decryption keys are inside the packed EXE or DLL file. So, use the correct unpacker on EXE/DLL and it will unpack .dat .pak files automatically.
Or upload the files to mega.co.nz and I'll take a look at them.
Please published unpacker for Molebox Virtualization thanks in advance sir more power...:D
I will publish it when it will be 100% working. ๐ It's still not done..
kao please give me a response to email. i sent you a message please need your help badly.
kao please give me a response to email. i sent you a message please need your help badly.
error unpacking say "relocating section faied.file is cut"
That file is too big, my unpacker does not support it.
Hello sir thanks for responding i already send you a link in Email Please response to email thank you sir.
Hello sir thanks for responding i already send you a link in Email Please response to email thank you sir..
Please update me if you got my email sir Thank you..
i already send the link in mega in your email sir
Responded in email.
kao...please response to the email..there is error on unpacking .exe files....
Responded few comments above.
no email i got kao...please send to this email {link_removed}
is there other way to unpack it?
i want unpack this {link_removed}
thanks in advanced
Here you go: {link_removed}
Hello sir I need you Help decypting this kind of application ...please..thank you
is there a way to decrypt molebox virtualizaion like .exe .dat files...?
kao i've email to you...please response...
Hello,
Thanks for creating this tool!
I found a bug. When the "Use block encryption" option is ticked, the last few bytes of the unpacked files would be corrupted. My version of Molebox is 2.3682. Here is the test files (including original files and the packed file):
{link removed}
The bug was already reported and fixed earlier (see http://lifeinhex.com/molebox-goes-out-of-business/#comment-964), I will try to contact you via email tomorrow.
can you decrypt those file.... i've sent it to your email...
What would you recommend as the best MoleBox replacement for apps/games protection?
It's not possible to answer your question without knowing the details about your specific problem. There are plenty of possibilities (Themida+XBundler, Enigma Protector, BoxedApp, Cameyo, just to name a few).
Each of them have some advantages and some disadvantages. So, just try them out and pick the one you like most. ๐
As a reverser, which do you think has a stronger protection against hacking and reverse engeenering? I've checked Themida, Code Virtualizer, Enigma... I also know ASProtect and StarForce ProActive, but I found almost no reviews and I don't know what to think about them.
I want it to protect an app from hacking and reverse engeenering, so as a reverser, which one do you think is the best?
you can unpack this {link_removed} thanks in advanced
thanks you can delete the link
Here you go: {link_removed}
delete link
Dear all! This is not "please unpack my file" forum.
Please do not post any links with your files. I will make my unpacker public when I finish it, I can promise you that. However, I do not have much free time these days, so it might take a while.
Thank you for understanding,
kao.
kao please new program unpacking molebox .exe 800 mb
ERROR: relocating section faied.file is cut
.exe 850mb
Can you improve your program?
Hello can help me try to decompile an .exe file with molebox but it comes out
[I] Loading file: C: \ Users \ Admin \ Desktop \ File \ Future.exe
[X] Not a PE file
Dropped by to say thanks!
relocating section faied.file is cut
.exe 750mb
new program please unpacking molebox
Kao please unpaking program molebox .exe 750 mb
help help unpack molebox 902mb :C please please
Why not go to {software_name_removed}? World's Best software.
Your comment comes from IP address that has been associated with spam comments in the past. Therefore I'm removing the software name.
If you really are the author of that program, don't write just "World's Best software" but explain in details why someone should use it. ๐
hi๏ผkao
please check your email๏ผi send the file(cant unpack)to your email.
thanks
Hi Kao,
I'm a legit molebox user for many years.
All was running fine on a vm until I changed the laptop which was hosting the vm.
Now the vm is running my legit molebox in trial mode :-(( because it has detected some hardware fingerprint changes.
I still have my original molebox key but the molebox servers are now defunct/gones/down forever and don't permit me to activate again.
Having an "official" keygen would be a super idea.
I've bought another packing solution, spent nearly 6 months of mails exchanges with the author and it failed where molebox was working like a breeze...
I would be really greatful and even ready to pay for a working keygen solution to reactivate molebox on my vm environment.
FYI my molebox version is Molebox virtualization solution 4.5...
Hi Chris,
I don't have such solution/keygen. And, as far as I know, nobody does.
In my opinion, you have 2 options:
1) use Molebox v4.5462 cracked by KuNgBiM. Google is your friend. Check the legal status of abandonware in your country first.. ๐
2) use another file virtualization solution. Enigma VirtualBox is probably the most common right now.
If you still have the old laptop with VM and activated Molebox, probably somebody (not necessarily me) could figure out a way how to move it properly to a new laptop. But without having the original hardware, I think it would be close to impossible.
Can you link it?
Can you use Google? I prefer not to post direct links to the pirated software, no matter how old it is.
{hidden link}
Damn, that is mighty impressive! ๐ Thank you for this valuable find!
You helped them to get to the bankrupcy lol
Kidding.