If you go back to the previous article, I mentioned the part where SecuROM walks all 100 possible VM contexts and finds the first free one. Well, the table starts at address 0x3BF7C2FC, since all the contexts are allocated from a single Heap(likely created by HeapCreate and later, memory is allocated using RtlAllocateHeap with said heap handle) they are contiguous, so I subtracted the address of one context with the previous in the table and came up with a size of 0x460(1120) bytes for each VM context, this includes the VM Context structure and the scratchpad, which is the area where the virtual registers are written, as well as code being written and executed.
Address 0x3BF7C2F8 is the spinlock value.
Now, when analyzing the first VM program, on the surface it felt like it wouldn't do much, but I actually saw that before it zeroes out the busy flag, it recursively(although I could be wrong) called the VM a dozen more times with different arguments, that much code will take very long to trace. In addition to this, it also writes and executes code off the scratchpad.
Now, let's analyze the first obfuscated VM handler from the previous post:
mov esi,dword ptr ds:[ebx+4]
add esi,dword ptr ds:[ebx+0C]
add esi,4
This part fetches the current VM EIP(which is a delta from the VM entry point), adds the entry point to compute the pointer to the opcodes. "add esi, 4" increments the VM EIP by 4 bytes.
push dword ptr ds:[esi]
pop edi
Translates to exactly mov edi, dword ptr ds:[esi] which moves the new opcode into register EDI.
mov dword ptr ds:[ebx+400],4
sub esi,dword ptr ds:[ebx+400]
This here is both boring and interesting, it's boring because it decrements the VM EIP by 4 bytes, but it's interesting that instead of fetching the opcode first, then incrementing by 4 bytes to get the next one, it does it backwards. It's also interesting, because offset 0x400 in the VM context is referenced elsewhere lots of times. Anyway, to basically simplify this, it's the equivalent of "sub esi, 4".
push dword ptr ds:[esi]
pop esi
Translates to "mov esi, dword ptr ds:[esi]". Again, moving an opcode into register ESI.
mov cl,byte ptr ds:[ebx+10] moves the modifier from the VM context into 8-bit register CL.
push eax
xor eax, esi
xor eax,dword ptr ss:[esp]
add esp,4
While eax isn't referenced before, it contains the address of the start of the handler, in my case it was 0x38F78918.
The address of the handler is xor'ed with the opcode we extracted into ESI. 38F78918 ^ 687ADD02 = 508D541A. And because push eax, pushed 38F78918 to the stack, xor eax,dword ptr ss:[esp] translates to 508D541A ^ 38F78918 = 687ADD02.
To summarize this uses the xor method of swapping values, which can be translated as mov eax, esi.
shl eax,10
shr eax,18
xor al,2A
add byte ptr ds:[ebx+10],al
So one of the opcodes we previously moved into ESI, then into EAX is used as a modifier, by adding it to the previous one(which by default is always 0x95). The shifts there essentially chopping off bits to extract the 3rd byte of the opcode and adds it to the default value to equal 0x72(1 byte add).
mov eax,3BF7C894
push edi
push eax
mov eax,esi
shl eax,18
shr eax,18
ror al,cl
xor al,78
shl eax,2
The constant being moved to EAX will be discussed later on as it is saved on the stack for later use. We will focus on mov eax, esi which moves the value 687ADD02 which we figured out how it was produced earlier, into register EAX, the next two shifts essentially extract the 4th byte, which is 0x2 and right rotate it with the default modifier 0x95 stored into CL. Since 0x95 is larger than the 32 bits, the value should wrap around, in the end we get a value of 0x10, which I suppose can be translated as al << 3. The value is then xor'ed with 0x78 and produced 0x68 which is then left shifted by 0x2 to produce 0x1A0.
add eax,ebx
mov edi,eax
pop eax
push eax
So what happened before, all that junk above just to compute offset 0x1A0, then the value from EBX is added to 0x1A0, EBX contains the address of the VM context. Now remember the constant before, 0x3BF7C894, it's moved to EAX via the first pop eax, and then it's pushed again. So pop eax, push eax can be translated as mov eax, dword ptr ss:[esp].
pop dword ptr ds:[edi]
The constant is stored to where EDI points to via that pop. It points to offset 0x1A0 in the VM context.
pop edi
push edi
pop eax
So what happens here? Well, pop edi moves one of the opcodes into EDI, then pushes it onto the stack again and pops it right back into EAX. So we can translated this as either mov eax, dword ptr ss:[esp] or if we take into account the pop edi instruction, then mov eax, edi. The opcode was 3852A852.
sub al,cl
xor eax,00B42D00
So, the last byte of opcode 3852A852 is subtracted by CL(0x95) and produces value 3852A8BD. which is xor'ed by 00B42D00 and the final value in EAX is 38E685BD.
add dword ptr ds:[ebx+4],8 <-- Update VM EIP with 8 bytes.
jmp eax <-- Jump to computed handler.
Pretty self-explanatory. VM EIP is incremented by 8 bytes, and we jump to the address in EAX, which is the next handler.
So what this handler did in a nutshell, is not only store the constant 3BF7C894 into 0x1A0(this could be a virtual register), but also compute the address of the next handler. So we can probably simplify this handler to "mov reg, imm" or as "mov reg1A0, 3BF7C894".
UPDATE:
Let's look at the handler that we jump to, which is the second handler. First thing to notice is this is a 12 byte opcode, and not 8 as with the previous one.
mov esi, dword ptr [ebx + 4]
add esi, dword ptr [ebx + 0xc]
Standard VM EIP delta, with the VM address being added to it.
add esi, 4
mov edi, dword ptr [esi]
One opcode being loaded into EDI, note again how ESI was incremented by 4, so it's loading the second DWORD opcode. The value is 02C4EC00.
mov dword ptr [ebx + 0x400], 4
sub esi, dword ptr [ebx + 0x400]
push dword ptr [esi + 8]
As ESI is decremented by 4, then a value at offset 0x8 is pushed on the stack, which is the 3rd opcode. So it's stored for later use.
push esi
xor esi, dword ptr [esi]
xor esi, dword ptr [esp]
add esp, 4
Again, standard swap using the xor trick. So essentially, this is mov esi, dword ptr ds:[esi]. We just loaded the first opcode.
mov cl, byte ptr [ebx + 0x10]
The modifier in the VM context is loaded into CL.
push eax
xor eax, esi
xor eax, dword ptr [esp]
add esp, 4
This piece translates to exactly, mov eax, esi.
shl eax, 0x10
shr eax, 0x18
xor al, 0x40
add byte ptr [ebx + 0x10], al
The value in EAX is E518721C, (0xE518721C << 0x10) >> 0x18 = 0x72 ^ 0x40 = 0x32 - we are extracting the third byte, decrypting it with the xor and updating the modifier.
push eax
xor eax, edi
xor eax, dword ptr [esp]
add esp, 4
Don't even need to see this in action to know that it is doing mov eax, edi.
xor eax, 0x2c4ec60
So 02C4EC00 ^ 02C4EC60 = 0x60.
sub esp, 4
mov dword ptr [esp], eax
This can simply be interpreted as push eax.
push esi
pop eax
Seems like we are moving what was in ESI to EAX e.g mov eax, esi.
shl eax, 0
shr eax, 0x18
rol al, cl
xor al, 0x36
shl eax, 2
This piece is is decrypting the value using the modifier. The first left shift is redundant, the whole operation is as follows: E5 << CL(0x8C) | E5 >> 32 - CL(0x8C) = 0x5E ^ 0x36 = 0x68 << 2 = 0x1A0. Woohoo, so it's our virtual register where we stored our constant before.
push eax
add dword ptr [esp], ebx
pop eax
The value in EAX is now 0x1A0. It is pushed on the stack, EBX is added to it(it contains the VM context address) and is popped back into EAX.
push edi
xor edi, eax
xor edi, dword ptr [esp]
add esp, 4
Translates to mov edi, eax.
pop eax
push eax
neg eax
sub dword ptr [edi], eax
By this point, pop eax moves into eax the value 0x60 that was pushed earlier on. Pushes it on the stack again.. It negates it which is to say -0x60 or 0-0x60 = FFFFFFA0 and substracts it from the virtual register reg1A0 which holds the constant 3BF7C894 to equal 3BF7C8F4.
mov dword ptr [ebx + 0x400], 0x2152f
mov eax, dword ptr [ebx + 0x400]
pop eax
Completely redundant operation. You move the value from EBX+400 to eax, but then do pop eax, which moves the value 0x60 to EAX overwriting the previous value. Which is also irrelevant, because it's overwritten in the next sequence.
pop eax
rol al, cl
xor eax, 0x2c4ec60
add dword ptr [ebx + 4], 0xc
jmp eax
So the first instruction moves the value 3A2245FD which is also the third opcode, rotates the last byte 0xFD with CL(0x8C) to produce the value 3A2245DF and then it's xor'ed with 02C4EC60, so 3A2245DF ^ 02C4EC60 = 38E6A9BF.
VM EIP is then incremented by 12!!! bytes and we jump to the next handler at address 38E6A9BF.
So this handler essentially does add reg1A0, 0x60, or "add vmreg, imm"?
Now, let's analyze the first obfuscated VM handler from the previous post:
mov esi,dword ptr ds:[ebx+4]
add esi,dword ptr ds:[ebx+0C]
add esi,4
push dword ptr ds:[esi]
pop edi
mov dword ptr ds:[ebx+400],4
sub esi,dword ptr ds:[ebx+400]
push dword ptr ds:[esi]
pop esi
mov cl,byte ptr ds:[ebx+10]
push eax
xor eax,esi
xor eax,dword ptr ss:[esp]
add esp,4
shl eax,10
shr eax,18
xor al,2A
add byte ptr ds:[ebx+10],al
mov eax,3BF7C894
push edi
push eax
mov eax,esi
shl eax,18
shr eax,18
ror al,cl
xor al,78
shl eax,2
add eax,ebx
mov edi,eax
pop eax
push eax
pop dword ptr ds:[edi]
pop edi
push edi
pop eax
sub al,cl
xor eax,00B42D00
add dword ptr ds:[ebx+4],8 <-- Update VM EIP with 8 bytes.
jmp eax <-- Jump to computed handler.
mov esi,dword ptr ds:[ebx+4]
add esi,dword ptr ds:[ebx+0C]
add esi,4
This part fetches the current VM EIP(which is a delta from the VM entry point), adds the entry point to compute the pointer to the opcodes. "add esi, 4" increments the VM EIP by 4 bytes.
push dword ptr ds:[esi]
pop edi
Translates to exactly mov edi, dword ptr ds:[esi] which moves the new opcode into register EDI.
mov dword ptr ds:[ebx+400],4
sub esi,dword ptr ds:[ebx+400]
This here is both boring and interesting, it's boring because it decrements the VM EIP by 4 bytes, but it's interesting that instead of fetching the opcode first, then incrementing by 4 bytes to get the next one, it does it backwards. It's also interesting, because offset 0x400 in the VM context is referenced elsewhere lots of times. Anyway, to basically simplify this, it's the equivalent of "sub esi, 4".
push dword ptr ds:[esi]
pop esi
Translates to "mov esi, dword ptr ds:[esi]". Again, moving an opcode into register ESI.
mov cl,byte ptr ds:[ebx+10] moves the modifier from the VM context into 8-bit register CL.
push eax
xor eax, esi
xor eax,dword ptr ss:[esp]
add esp,4
While eax isn't referenced before, it contains the address of the start of the handler, in my case it was 0x38F78918.
The address of the handler is xor'ed with the opcode we extracted into ESI. 38F78918 ^ 687ADD02 = 508D541A. And because push eax, pushed 38F78918 to the stack, xor eax,dword ptr ss:[esp] translates to 508D541A ^ 38F78918 = 687ADD02.
To summarize this uses the xor method of swapping values, which can be translated as mov eax, esi.
shl eax,10
shr eax,18
xor al,2A
add byte ptr ds:[ebx+10],al
So one of the opcodes we previously moved into ESI, then into EAX is used as a modifier, by adding it to the previous one(which by default is always 0x95). The shifts there essentially chopping off bits to extract the 3rd byte of the opcode and adds it to the default value to equal 0x72(1 byte add).
mov eax,3BF7C894
push edi
push eax
mov eax,esi
shl eax,18
shr eax,18
ror al,cl
xor al,78
shl eax,2
The constant being moved to EAX will be discussed later on as it is saved on the stack for later use. We will focus on mov eax, esi which moves the value 687ADD02 which we figured out how it was produced earlier, into register EAX, the next two shifts essentially extract the 4th byte, which is 0x2 and right rotate it with the default modifier 0x95 stored into CL. Since 0x95 is larger than the 32 bits, the value should wrap around, in the end we get a value of 0x10, which I suppose can be translated as al << 3. The value is then xor'ed with 0x78 and produced 0x68 which is then left shifted by 0x2 to produce 0x1A0.
add eax,ebx
mov edi,eax
pop eax
push eax
So what happened before, all that junk above just to compute offset 0x1A0, then the value from EBX is added to 0x1A0, EBX contains the address of the VM context. Now remember the constant before, 0x3BF7C894, it's moved to EAX via the first pop eax, and then it's pushed again. So pop eax, push eax can be translated as mov eax, dword ptr ss:[esp].
pop dword ptr ds:[edi]
The constant is stored to where EDI points to via that pop. It points to offset 0x1A0 in the VM context.
pop edi
push edi
pop eax
So what happens here? Well, pop edi moves one of the opcodes into EDI, then pushes it onto the stack again and pops it right back into EAX. So we can translated this as either mov eax, dword ptr ss:[esp] or if we take into account the pop edi instruction, then mov eax, edi. The opcode was 3852A852.
sub al,cl
xor eax,00B42D00
So, the last byte of opcode 3852A852 is subtracted by CL(0x95) and produces value 3852A8BD. which is xor'ed by 00B42D00 and the final value in EAX is 38E685BD.
add dword ptr ds:[ebx+4],8 <-- Update VM EIP with 8 bytes.
jmp eax <-- Jump to computed handler.
Pretty self-explanatory. VM EIP is incremented by 8 bytes, and we jump to the address in EAX, which is the next handler.
So what this handler did in a nutshell, is not only store the constant 3BF7C894 into 0x1A0(this could be a virtual register), but also compute the address of the next handler. So we can probably simplify this handler to "mov reg, imm" or as "mov reg1A0, 3BF7C894".
UPDATE:
Let's look at the handler that we jump to, which is the second handler. First thing to notice is this is a 12 byte opcode, and not 8 as with the previous one.
mov esi, dword ptr [ebx + 4]
add esi, dword ptr [ebx + 0xc]
Standard VM EIP delta, with the VM address being added to it.
add esi, 4
mov edi, dword ptr [esi]
One opcode being loaded into EDI, note again how ESI was incremented by 4, so it's loading the second DWORD opcode. The value is 02C4EC00.
mov dword ptr [ebx + 0x400], 4
sub esi, dword ptr [ebx + 0x400]
push dword ptr [esi + 8]
As ESI is decremented by 4, then a value at offset 0x8 is pushed on the stack, which is the 3rd opcode. So it's stored for later use.
push esi
xor esi, dword ptr [esi]
xor esi, dword ptr [esp]
add esp, 4
Again, standard swap using the xor trick. So essentially, this is mov esi, dword ptr ds:[esi]. We just loaded the first opcode.
mov cl, byte ptr [ebx + 0x10]
The modifier in the VM context is loaded into CL.
push eax
xor eax, esi
xor eax, dword ptr [esp]
add esp, 4
This piece translates to exactly, mov eax, esi.
shl eax, 0x10
shr eax, 0x18
xor al, 0x40
add byte ptr [ebx + 0x10], al
The value in EAX is E518721C, (0xE518721C << 0x10) >> 0x18 = 0x72 ^ 0x40 = 0x32 - we are extracting the third byte, decrypting it with the xor and updating the modifier.
push eax
xor eax, edi
xor eax, dword ptr [esp]
add esp, 4
Don't even need to see this in action to know that it is doing mov eax, edi.
xor eax, 0x2c4ec60
So 02C4EC00 ^ 02C4EC60 = 0x60.
sub esp, 4
mov dword ptr [esp], eax
This can simply be interpreted as push eax.
push esi
pop eax
Seems like we are moving what was in ESI to EAX e.g mov eax, esi.
shl eax, 0
shr eax, 0x18
rol al, cl
xor al, 0x36
shl eax, 2
This piece is is decrypting the value using the modifier. The first left shift is redundant, the whole operation is as follows: E5 << CL(0x8C) | E5 >> 32 - CL(0x8C) = 0x5E ^ 0x36 = 0x68 << 2 = 0x1A0. Woohoo, so it's our virtual register where we stored our constant before.
push eax
add dword ptr [esp], ebx
pop eax
The value in EAX is now 0x1A0. It is pushed on the stack, EBX is added to it(it contains the VM context address) and is popped back into EAX.
push edi
xor edi, eax
xor edi, dword ptr [esp]
add esp, 4
Translates to mov edi, eax.
pop eax
push eax
neg eax
sub dword ptr [edi], eax
By this point, pop eax moves into eax the value 0x60 that was pushed earlier on. Pushes it on the stack again.. It negates it which is to say -0x60 or 0-0x60 = FFFFFFA0 and substracts it from the virtual register reg1A0 which holds the constant 3BF7C894 to equal 3BF7C8F4.
mov dword ptr [ebx + 0x400], 0x2152f
mov eax, dword ptr [ebx + 0x400]
pop eax
Completely redundant operation. You move the value from EBX+400 to eax, but then do pop eax, which moves the value 0x60 to EAX overwriting the previous value. Which is also irrelevant, because it's overwritten in the next sequence.
pop eax
rol al, cl
xor eax, 0x2c4ec60
add dword ptr [ebx + 4], 0xc
jmp eax
So the first instruction moves the value 3A2245FD which is also the third opcode, rotates the last byte 0xFD with CL(0x8C) to produce the value 3A2245DF and then it's xor'ed with 02C4EC60, so 3A2245DF ^ 02C4EC60 = 38E6A9BF.
VM EIP is then incremented by 12!!! bytes and we jump to the next handler at address 38E6A9BF.
So this handler essentially does add reg1A0, 0x60, or "add vmreg, imm"?
Hi,
ReplyDeleteCan you share with us some more thoughts about Denuvo? what make it so special and hard to crack?
Hi, thanks for your question.
DeleteWhile I can't give you a definitive answer, as I've yet to tackle Denuvo, I've talked to mkdev and various other people working on Denuvo and have asked them the same question. I didn't get a specific answer, but from seeing their discussion, it's various Hardware ID(HWID) code that are specially tailored and downloaded and applied to the game when first activated. Probably also the VMProtect virtual machine.
Hi, thanks for you answer and this interesting blog :)
DeleteI guess we'll find out more data on this subject in the future...
good, thanks again.
ReplyDeleteLet me learn a lot
B.r
Sound