Live Stream VOD: Breaking Zeus VM Part 4 (Patreon)

This is the fourth part of our series on reverse engineering the VM protection in VMZeus. Finally we finish our disassembler! We finish the instruction definitions then spend the majority of the stream troubleshooting some very silly mistakes. 

During the troubleshooting we also use a debugger to trace the VM which is the "simplest" method for breaking VMs... just run them! 

Sample

f792997cb36a477fa55102ad6b680c97e3517b2e63c83c802bf8d57ae9ed525e UnpacMe

Notes

VM Reverse Engineering Part 2 - Disassembly