greats3an f6f7d83dbf Version 0.1.0

feat : PE restoration is implemented
feat : added a tree graph for directory listing
misc : improved overall quality

2022-06-24 14:44:29 +08:00

1.4 KiB

Raw Permalink Blame History

evbunpack

Enigma Virtual Box unpacker

Features

Unpacks PE / external external packages made with Enigma Vitrual Box

Supports compressed archives and basically every recent version of EVB (tested 6.x & 9.x)

Can also restore the original executable for easier reverse engineering

Installation

pip install evbunpack

If PE restoration is desired, install pefile alongside this script

Usage

usage: __main__.py [-h] [--legacy] file output

Enigma Vitural Box Unpacker

positional arguments:
  file                  File to be unpacked
  output                Extract destination directory

options:
  -h, --help            show this help message and exit
  --ignore-pe IGNORE_PE
                        Treat PE files like external packages and thereby does not recover the original executable (for usage without pefile)
  --legacy              Enable compatibility mode to work with older (6.x) EVB packages

Examples

python -m evbunpack Lycoris_radiata.mys ../biman5_chs_moe
python -m evbunpack biman2.exe extract --legacy

TODO

~~Restore original PEs~~
Registery configuration extraction

Credits

evb-extractor

aplib

License

Apache 2.0 License

1.4 KiB Raw Permalink Blame History