Skip to content
Hex-Rays microcode API plugin for breaking an obfuscating compiler
C++ Makefile
Branch: master
Clone or download
This branch is 8 commits ahead, 1 commit behind RolfRolles:master.

README.org

HexRaysDeob for APT10 ANEL

This is a forked repository of HexRaysDeob for defeating APT10 ANEL code obfuscations.

This plugin supports IDA 7.3 only.

The tested hashes are:

  • 3d2b3c9f50ed36bef90139e6dd250f140c373664984b97a97a5a70333387d18d (5.4.1 dropped payload)
  • f333358850d641653ea2d6b58b921870125af1fe77268a6fdfeda3e7e0fb636d (5.5.0 rev1 loader DLL)
You can’t perform that action at this time.