28 Apr 2016

Quickpost: updated EnigmaVB unpacker

Now my unpacker detects Enigma Protector and nicely explains to user that's it's not the same as Enigma Virtual Box. Something like this:

Hopefully now users will stop confusing those 2 products. smile

Download link: Please get latest version from this post

45 thoughts on “Quickpost: updated EnigmaVB unpacker

    • I wouldn't call that moaning. ;) But it gets really repetitive to explain the same thing over and over again..

  1. Tried it on a 1.40 GB '*.exe' file and "out of memory" popped up.
    Maybe it's too big for it to unpack? Or is it just the packed file itself?
    Either way, thanks for this <3

    • When I made this tool, I had no idea that there are so many that large EXE files. :) I am planning to fix the problem but it's not that easy.

  2. Hello, are there any command-line switches to hide the window or close it after extraction finished?

    • No, there aren't. I want to avoid users making bugreports like "it just opened and closed immediately", "where are the extracted files?", etc.

      But if you can give me a good reason why do it, I'll consider implementing this feature.

      • As for me I'd like to use it as a button for Double Commander, but when i launch the unpacker with a switch "%p" which means a full path of selected file in DC, then unpacker extracts files in the same folder, and a window doesn't close. I think it would be better, for example, to use few switches:
        - for pointing Enigma File to be extracted (which, actually, works now)
        - for pointing the end directory for extracted files
        - for making a GUI window close right after extraction
        - to create a log-file for error to be analyzed

          • Hello!
            Don't want to push, but are there any movement with adding command-line switches?

          • You want me to spend several hours, so that you can save one mouse-click and few seconds on every launch of unpacker? Frankly, to me that doesn't look like a very good investment of my time.

            I quickly hacked together this version: https://www.mediafire.com/?0db048q0iypgb2u. If you run it like this: EnigmaVBUnpacker.exe /nogui "c:\full\path\to\file.exe", it will run without GUI and will create file c:\full\path\to\!unpacker.log with the log. Main executable will be unpacked to c:\full\path\to\file_unpacked.exe and data files will go to folders like c:\full\path\to\%DEFAULT FOLDER%.

            Hopefully that will keep you happy. :)

  3. Hello I have the same worries that "Shurut Sue and gdfg" 1,9Go for a file you have a new version I tried with 0.35 and 0.36? thank you

    • Honestly, I want to add support for large files but my free time is limited these days. :(

      You could check if EVB Extractor works for you. If it doesn't work, please upload file to mega.co.nz and send me a link - I'll see what I can do.

  4. kao

    Hopefully that will keep you happy. :)

    Yes, but it would be perfect if the destination folder was named "packed_file_name_without_extension" instead of "%DEFAULT FOLDER%", and the main executable file together with lo-file were extracted to that folder too.
    This will be really great.

  5. ...Any chance of publishing the source of the tool ?
    If you don't have time, perhaps someone else will and having source at hand is always better in the long run.

    • Based on my previous experience with Meltdown, publishing sources of the tool doesn't help at all - only two persons gave anything useful back to the project. Therefore I'm not planning to publish sources of EnigmaVB unpacker.

      But I could share the sources privately - if it would benefit the project somehow. Please email me with a more detailed proposal what you intend to improve and how and I'll look at it.

      Or you can take open-source project EVBExtractor and improve it. Since it's written in Python and uses a different approach, it doesn't have 2GB file size limit.

      • Unfortunately, while I'm not all that bad in figuring out stuff in other people's code (sometimes even in languages I have little to no clue about, like ruby), I don't consider myself a real programmer.

        But if you feel like giving out tips, EVBExtractor checks for .enigma1 section, what are the differences between that and .enigma2 ?

  6. out of memory expanding memory stream


    help me~please

  7. I just applied the following patch to the exe and now it supports larger exe files:

    {hidden link}

    • To clarify, this will prevent the unpacker from running out of memory with "large" files, but it still doesn't support files larger than 2.1GB.

  8. ...well, seems there's maximum imposed on reply depth...

    Anyway, link to that post, cause something seems wrong about that quote.

    In no particular order:
    - 'requires Python': well, duh...
    - 'doesn’t support registry, doesn’t fix main EXE': tells pretty much nothing without context
    - 'fails on compressed files larger than 64kb': either that's nonsense or a wrong quote
    - 'supports only Enigma VB v6.60+': explanation necessary; should that be a request for supporting *earlier* versions, ? if so, how exactly does the format differ ?

    Though, TBH, I've got only minimal interest here: EVBExtractor did work for the case (well, a group of them, to be exact) I was interested in, only for me to learn, that yet again an old integrated Intel is a bit low these days.

  9. does it is support for String Protection like EP_ProtectedStringByKey ? I need to decrypt them without using their APIs ? thanks

    • You're talking about Enigma Protector which is entirely different product made by the same company.

      Only Enigma Virtual Box is supported by my unpacker - and I have no plans to change that.

  10. Hello Kao. Can you plz update your tool for large file? Maybe you have a little more free time now. :)

  11. i got an error during unpacking because there was not enough memory. now i want to delete that stuff again but i cant find it. where did it save those things?

  12. A new version of Enigma Virtual Box has come out.
    Might be of your interest, since your unpacker fails with executables packed with it.

Leave a Reply

  • Be nice to me and everyone else.
  • If you are reporting a problem in my tool, please upload the file which causes the problem.
    I can`t help you without seeing the file.
  • Links in comments are visible only to me. Other visitors cannot see them.

Your email address will not be published.

six  −  2  =