13 Apr

April update of unpackers

Molebox VS unpacker

This is a quite big update for Molebox VS unpacker. It fixes most of the bugs I'm aware of:

  • Supports Molebox GPL version
  • Removes "anti-hacking" protection
  • Supports BOX files in sub-directories
  • Shows embedded command-line
  • Main executable will be named {yourfile}_unpacked.exe
  • Fix calculation of SizeOfImage in edge cases
  • Fix decryption in edge cases

It's still not perfect and will fail in some situations - but I didn't want to postpone the release any longer. Please let me know if it crashes for you and I'll try to fix the problem. smile
Read More

01 Mar

March update of unpackers

Enigma VirtualBox unpacker

  • Unpacker will refuse to run if there is not enough space in TMP folder and/or in working directory
  • PE header size was calculated incorrectly in some cases
  • TLS directory was not detected correctly for some files

Setting TMP folder to a RAM drive was a good idea in 1990s. Now it's year 2019 and you can't manage virtual memory better than Windows already do. But some people apparently still try, so I added checks to stop them from shooting themselves in the foot.

Molebox VS unpacker

  • Added support for a very old version on Molebox VS, as reported by death

The fix was actually implemented a long time ago, I just didn't make the announcement.

30 Sep 2018

September update of unpackers

Last few months have been... extra busy. I survived HDD crash, participated in Flare-On reversing contest (and finished 4th!), had quite fun projects at work - but all that is a matter of another story. Today I want to share with you a long-overdue update for unpackers.

Enigma Virtual Box unpacker

  • Added support for Enigma Virtual Box v8.10, v8.20, v9.00 and v9.10.
  • Unpacker now restores file attributes and date/time. Be careful, unpacked files might have attributes "read only", "hidden", etc.!
  • Added validation of extracted folder/file names to prevent directory traversal attacks. It was on my todo list for a long time and all the media-craziness around Zip Slip finally forced me to do something about it.
  • Fixed warning message about TLS directory. Mea culpa.

Molebox Virtualization Studio unpacker

  • Fixed error "VFSDecrypt: failed to find STELPACK signature" on some data files;
  • Fixed error "SPack catalog not found or invalid. vfsrootsize=00000000" on some EXE files;
  • Fixed out-of-memory error when unpacking huge data files;
  • Loads possible filenames from mole_dictionary.txt;

How to use mole_dictionary.txt

If you have a file which uses "hide files" feature of Molebox VS, it only stores hash of the filename - original filenames are not stored anywhere. But if you have a good idea what the filename might be, you can add it to mole_dictionary.txt and my unpacker will use that for intelligent guessing.
Read More

27 Feb 2018

February update of unpackers

Enigma Virtual Box unpacker v0.51

  • Hopefully solved the UI-freeze issues.
  • Improved loading speed for big files (100+ MB).
  • Added a warning for the user when loading big file:
  • Added support for Enigma Virtual Box v8.00.
  • Enigma Virtual Box v8.00 finally added support for TLS callbacks. My unpacker will detect such files and will try to fix TLS directory automatically.

Known issue - for x64 executables exception directory is not restored. The unpacked executable will work until an exception happens. If you find any such executable, please send it to me and I'll work to improve the unpacker.

demoleition v0.60

  • Hopefully solved the UI-freeze issues.
  • Fixed bug with certificates and overlays that I introduced few versions ago.
  • Fixed bug with multi-packed files
  • Main form shows that only Molebox v2.x is supported.
  • Improved loading speed for big files (100+ MB) and added warning for users.

demoleition VS v0.01


This is first BETA release of static unpacker for Molebox v4.x. It works for most of the files in my collection but is not well tested by any means. If you notice any bugs (trust me, you will!), please let me know.

Known limitations: way too many. Few most important ones:

  • Error checking is very limited. If something bad happens, it will most likely crash.
  • Main file is saved as _unpacked.bin. Overlay (if present) is saved as overlay.bin.
  • The biggest problem is the "hide files" feature of MoleboxVS. It does not store original filename, just the MD5 hash of it. So, in those cases it's almost impossible to restore original filenames. I added big fat warning for those cases.
  • Loading large files will make the UI freeze. I'll fix it after the bugs in unpacker itself are fixed.

So, why release it? I've had it like this for 5+ years now. It almost works. But without your feedback it will stay in this "almost working" state forever. The more bugs you report, the bigger the chance that I'll finally finish this project.. So, have fun!


Bugs reported by users. I'll work to fix the when I get some free time.

  • Some data files can't be unpacked. Error
  • Sometimes main EXE file will not be unpacked. No error message but _unpacked.bin file won't be created.
  • Mysterious unpacking problem on some files. Error
  • Very large data files can't be unpacked. Error
20 Dec 2017

December update for unpackers

This month brings us not one but two updated unpackers! smile

Updated Molebox unpacker

  • Fixes a crash with double-packed files. Thanks to whoknows for reporting the issue!

Updated Enigma Virtual Box unpacker

  • Support for Enigma Virtual Box v7.90
  • Detection of Enigma Protector. The feature was added long time ago but accidentally removed later.

I still need to work on the UI-freeze issue. When unpacking very large files, UI will appear to be frozen until unpacking process completes. It may take 5+ minutes on very large files, please be patient!

04 Oct 2017

October update to Molebox unpacker

Thanks to my reader Max I have fixed another bug in the Molebox unpacker.

  • Removed memory leak that caused "out of memory" error when unpacking very large files (1.5GB+)

The usual request

I hope you find this unpacker useful. But if it doesn't work for you, please send me an error report with all the details you can and I'll try to fix it. Have fun!

22 Aug 2017

Yet another update to Molebox unpacker

Thanks to my readers I have fixed few more bugs in the Molebox unpacker.

  • Better support for non-ASCII symbols in filenames
  • Very large (4GB+) files will now unpack correctly
  • Unpacker will extract embedded files packed with old versions of Molebox (like version 2.0570)

The usual request

I hope you find this unpacker useful. But if it doesn't work for you, please send me an error report with all the details you can and I'll try to fix it. Have fun!