How to Get Started

Install VxLang and set up your project

Download the VxLang binary from the path below.

For the full version of VxLang, it must be installed in the same path as the license file (vxlang.vxm) for it to work. The license file is distributed to users by the administrator.

TIP

vxlang.exe
vxlang.vxm

VxLang works through a JSON-based project file. When run as shown below, it creates a temporary project file, temp.json.

\:> vxlang.exe

   /$$$____/$$$_/$$$____/$$$_$/$$$______/$$$$$$$$$____/$$/$$$$$$___/_/$$$$$$$_
   $//$$$__/$$$_$///$$$/$$$/__$/$$$_____$////////$$$__$/$$$////$$$__/$$////$$$_
   __$//$$$/$$$____$///$$$/____$/$$$_______/$$$$$$$$$$_$/$$$__$//$$-_/$$$$$$$$$_
   ____$//$$$$$______/$$$/$$$___$/$$$______/$$$/////$$$_$/$$$___$/$$__///////$$$_
   ______$//$$$_____/$$$/$///$$$_$/$$$$$$$_$//$$$$$$$$/__$/$$$___$/$$_/$$$$$$$$$__
   ________$///_____$///____$///__$///////___$////////$//_$///____$//__$////////__
                                                                       ver.2.1.6.1
   2025.06.22 16:21:02   About program..
   2025.06.22 16:21:02   : Full-Version

   2025.06.22 16:21:02   Project-Mode
   2025.06.22 16:21:02   e.g. vxlang.exe --opt-project ${JSON-PATH}
   2025.06.22 16:21:02   e.g. vxlang.exe --opt-project ${JSON-PATH} --disable-core

   2025.06.22 16:21:02   CMD-Mode
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH}
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --backup
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --out ${OUT-PATH}
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --disable-packer
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --use-debug-data
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --disable-import-mutation
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --use-anti-tamper
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --opt-section-name ${NAME}
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --opt-entry
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --opt-fla-entry
   2025.06.22 16:21:02   e.g. vxlang.exe ${SRC-PATH} --opt-message ${DETECT-MESSAGE}

   2025.06.22 16:21:02   Temporary json project file created.

The basic project file (JSON) configuration looks like this:

{
    "input": "",
    "output": "",
    "backup": false,
    "use-data-section": false,
    "base-section-name": "",
    "map-file-path": "",
    "virtualizer": {
        "entry-point": false,
        "virtualization": [],
        "dual-mode": [],
        "multiple-virtual-machine": false
    },
    "obfuscator": {
        "entry-point": false,
        "obfuscation": [],
        "flattening": []
    },
    "protector": {
        "compress": true,
        "symbol-data": true,
        "mutate-import-table": true,
        "vxlang-link-event": false,
        "link-event-callback": "",
        "extension": [],
        "raw-data": [],
        "anti-tamper": {
            "enable": false,
            "memory-protection": false,
            "pause-protection": false,
            "message": ""
        },
        "reflection": {
            "enable": false,
            "ldr-update": true
        }
    }
}

Each configuration looks like this:

  • input
    • This is the path to the target file.
  • output
    • This is the name of the output file. If not specified, the destination filename will be appended to the output with vxm.
      • e.g. input: sample.exe output: sample.vxm.exe
  • backup
    • This is whether the original file is backed up or not.
  • use-data-section
    • This is whether to recycle the data section. If this is true, add VxLang data to the data section without adding a section.
  • base-section-name
    • This is the base name to which the VxLang data is added.
  • map-file-path
    • This is the path to the MAP file.
  • virtualizer
    • This is a virtualization-specific option.
      • entry-point
        • This determines whether the program entry point is virtualized or not.
      • virtualization
        • This is an array of the function’s output information as written to the MAP file. Perform virtualization operations on the input functions in the array.
      • dual-mode
        • This is an array of the function’s output information as written to the MAP file. Perform dual-mode operations on the input functions in the array.
      • multiple-virtual-machine
        • If true, this will deploy multiple virtual machines.
  • obfuscator
    • This is an option related to obfuscation.
      • entry-point
        • This determines whether or not to obfuscate the program’s entry point.
      • obfuscation
        • This is an array of the function’s output information as written to the MAP file. Perform obfuscation operations on the input functions in the array.
      • flattening
        • This is an array of the function’s output information as written to the MAP file. Perform code-flattening operations on the input functions in the array.
  • protector
    • This is an option for binary protectors.
      • compress
        • This is whether the target program is compressed or not. If this is not set, only the VxLang core will be added.
      • symbol-data
        • This is whether debug symbols are enabled or disabled. If false, no debugging symbols are added.
      • mutate-import-table
        • This is whether or not to obfuscate for import-table.
      • vxlang-link-event
        • This is whether to connect to the callbacks that the user has registered, if using the VxLang SDK.
      • link-event-callback
        • The name of the user callback function, which must be registered with Export-Table.
      • extension
        • This is VxLang extension module.
      • raw-data
        • This is VxLang extension data.
      • anti-tamper
        • This is an option for anti-tamper.
          • enable
            • This indicates whether anti-tamper is enabled.
          • memory-protection
            • Indicates whether memory-protection is enabled for the feature.
          • pause-protection
            • This indicates whether process pause prevention is enabled or disabled.
          • message
            • This is the message that will be printed when detected. If this is not set, the message box will not be printed.
      • reflection
        • This indicates whether the process load location is reconfigured.
          • enable
            • This indicates whether the reflection feature is enabled.
          • ldr-update
            • This indicates whether or not to reconnect to the LDR.

Simply follow the steps below, which will create a default project file for your binary.

:\> vxlang.exe ${Windows-Binary}
e.g. vxlang.exe sample.exe
...

Setting up for code-obfuscation continues in the next chapter.

results matching ""

    No results matching ""