shumenol (*.evp)

Extraction and unpacking of game archives and compression, encryption, obfuscation, decoding of unknown files
happyend
Posts: 157
Joined: Sun Aug 24, 2014 8:54 am

shumenol (*.evp)

Post by happyend »

Samples:

http://www8.zippyshare.com/v/v5AXxkFw/file.html
http://www17.zippyshare.com/v/a2Y0ft5n/file.html
Top
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: shumenol (*.evp)

Post by aluigi »

It looks encrypted or obfuscated.
This is the header:

Code: Select all

idstring "evp"
get HASH string
get DUMMY short
get OFFSET longlong
get SIZE long
get DUMMY long
get DUMMY long
get ZERO long
get DUMMY long
get ZERO long
getdstring NAME 4
What's strange is that the data at offset 0x16072A3E looked like a header for compressed data but the fields don't match and there is no zlib/deflate data to scan.
Top
happyend
Posts: 157
Joined: Sun Aug 24, 2014 8:54 am

Re: shumenol (*.evp)

Post by happyend »

script doesn't working...
Top
aluigi
Site Admin
Posts: 12984
Joined: Wed Jul 30, 2014 9:32 pm

Re: shumenol (*.evp)

Post by aluigi »

ah no, it's just a script to how the header information, it's not a real script for extracting the files.
Top

Return to “Game Archive”