public override bool GetDecryptedModule(int count, ref byte[] newFileData, ref DumpedMethods dumpedMethods)
{
hasUnpacked = false;
byte[] fileData = GetFileData();
using (var peImage = new MyPEImage(fileData)) {
if ((decryptState & DecryptState.CanDecryptMethods) != 0)
{
bool decrypted = false;
if (jitMethodsDecrypter != null && jitMethodsDecrypter.Detected)
{
jitMethodsDecrypter.Initialize();
if (!jitMethodsDecrypter.Decrypt(peImage, fileData, ref dumpedMethods))
{
return(false);
}
decrypted = true;
}
else if (memoryMethodsDecrypter != null && memoryMethodsDecrypter.Detected)
{
memoryMethodsDecrypter.Initialize();
if (!memoryMethodsDecrypter.Decrypt(peImage, fileData))
{
return(false);
}
decrypted = true;
}
if (decrypted)
{
decryptState &= ~DecryptState.CanDecryptMethods;
decryptState |= DecryptState.CanUnpack;
newFileData = fileData;
ModuleBytes = newFileData;
return(true);
}
}
}
if ((decryptState & DecryptState.CanUnpack) != 0)
{
if (unpacker != null && unpacker.Detected)
{
if (options.DecryptMainAsm)
{
decryptState |= DecryptState.CanDecryptMethods | DecryptState.CanUnpack;
var mainInfo = unpacker.UnpackMainAssembly(true);
newFileData = mainInfo.data;
realAssemblyInfo = mainInfo.realAssemblyInfo;
embeddedAssemblyInfos.AddRange(unpacker.GetEmbeddedAssemblyInfos());
ModuleBytes = newFileData;
hasUnpacked = true;
return(true);
}
else
{
decryptState &= ~DecryptState.CanUnpack;
mainAsmInfo = unpacker.UnpackMainAssembly(false);
embeddedAssemblyInfos.AddRange(unpacker.GetEmbeddedAssemblyInfos());
return(false);
}
}
}
return(false);
}
