feat: Add logic stub and support for Memory CRC protection in Ryujin-protected binaries

- Implemented support for CRC-based memory protection stub.
- Improved CRC algorithm for better uniqueness and robustness.
- Added capability for Ryujin to store CRC from the .ryujin section into section header fields.
- Bug fixes and updated documentation.

RyujinCore/Ryujin/RyujinCore/RyujinObfuscationCore.cc

@@ -1927,7 +1927,7 @@ void RyujinObfuscationCore::insertAntiDump() {
 				const auto pOpcodeBuffer = opcodeBuffer.data();
 				antidump_instructions.reserve(opcodeBuffer.size());
 
-				// Storing our new opcodes for antidebug detection
+				// Storing our new opcodes for antidump detection
 				for (auto i = 0; i < opcodeBuffer.size(); ++i) antidump_instructions.push_back(static_cast<ZyanU8>(pOpcodeBuffer[i]));
 
 				// Saving the opcode block
@@ -1943,11 +1943,259 @@ void RyujinObfuscationCore::insertAntiDump() {
 
 void RyujinObfuscationCore::insertMemoryProtection() {
 
-	unsigned char ucTest[]{ 0xDE, 0xAD, 0xBE, 0xEF };
+	BOOL isInserted{ FALSE };
 
-	RyujinCRC32Utils crcTest;
+	for (auto& block : m_proc.basic_blocks) {
-	std::printf("RyujinObfuscationCore::insertMemoryProtection.TEST: 0x%X\n", crcTest.crc32(ucTest, 4));
 
+		for (auto& instr : block.instructions) {
+
+			if (isInserted) break;
+
+			if (!isInserted) {
+
+				auto block_info = findBlockId(instr.instruction.info.opcode, instr.instruction.operands[1].imm.value.u, 2, sizeof(unsigned char));
+
+				if (block_info.first == -1 || block_info.second == -1) continue;
+
+				auto& data = m_proc.basic_blocks[block_info.first].opcodes[block_info.second];
+
+				asmjit::JitRuntime runtime;
+
+				asmjit::CodeHolder code;
+				code.init(runtime.environment());
+				asmjit::x86::Assembler a(&code);
+
+				// First, saving the states
+
+				// Push flags
+				a.pushfq();
+
+				// Push regs
+				a.push(asmjit::x86::rax);
+				a.push(asmjit::x86::rcx);
+				a.push(asmjit::x86::rdx);
+				a.push(asmjit::x86::rbx);
+				a.push(asmjit::x86::rbp);
+				a.push(asmjit::x86::rsi);
+				a.push(asmjit::x86::rdi);
+				a.push(asmjit::x86::r8);
+				a.push(asmjit::x86::r9);
+				a.push(asmjit::x86::r10);
+				a.push(asmjit::x86::r11);
+				a.push(asmjit::x86::r12);
+				a.push(asmjit::x86::r13);
+				a.push(asmjit::x86::r14);
+				a.push(asmjit::x86::r15);
+
+				std::vector<unsigned char> memoryProtectionShellcode = {
+				
+					/*
+						TODO
+					*/
+					0x48, 0x81, 0xEC, 0x58, 0x01, 0x00, 0x00, 0x65, 0x48, 0x8B, 0x04, 0x25,
+					0x60, 0x00, 0x00, 0x00, 0x48, 0x89, 0x84, 0x24, 0x80, 0x00, 0x00, 0x00,
+					0x48, 0x83, 0xBC, 0x24, 0x80, 0x00, 0x00, 0x00, 0x00, 0x74, 0x1E, 0x48,
+					0x8B, 0x84, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48, 0x83, 0x78, 0x10, 0x00,
+					0x74, 0x0F, 0x48, 0x8B, 0x84, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48, 0x83,
+					0x78, 0x18, 0x00, 0x75, 0x05, 0xE9, 0x16, 0x07, 0x00, 0x00, 0x48, 0x8B,
+					0x84, 0x24, 0x80, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x40, 0x10, 0x48, 0x89,
+					0x84, 0x24, 0xE8, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0xE8, 0x00,
+					0x00, 0x00, 0x48, 0x89, 0x84, 0x24, 0x00, 0x01, 0x00, 0x00, 0x48, 0x8B,
+					0x84, 0x24, 0x00, 0x01, 0x00, 0x00, 0x0F, 0xB7, 0x00, 0x3D, 0x4D, 0x5A,
+					0x00, 0x00, 0x74, 0x05, 0xE9, 0xDB, 0x06, 0x00, 0x00, 0x48, 0x8B, 0x84,
+					0x24, 0x00, 0x01, 0x00, 0x00, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B, 0x8C,
+					0x24, 0xE8, 0x00, 0x00, 0x00, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48,
+					0x89, 0x84, 0x24, 0xA0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0xA0,
+					0x00, 0x00, 0x00, 0x81, 0x38, 0x50, 0x45, 0x00, 0x00, 0x74, 0x05, 0xE9,
+					0xA4, 0x06, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0xA0, 0x00, 0x00, 0x00,
+					0x0F, 0xB7, 0x40, 0x14, 0x48, 0x8B, 0x8C, 0x24, 0xA0, 0x00, 0x00, 0x00,
+					0x48, 0x8D, 0x44, 0x01, 0x18, 0x48, 0x89, 0x84, 0x24, 0xA8, 0x00, 0x00,
+					0x00, 0x48, 0x8B, 0x84, 0x24, 0xA0, 0x00, 0x00, 0x00, 0x0F, 0xB7, 0x40,
+					0x06, 0x89, 0x84, 0x24, 0xF8, 0x00, 0x00, 0x00, 0xC6, 0x44, 0x24, 0x50,
+					0x2E, 0xC6, 0x44, 0x24, 0x51, 0x52, 0xC6, 0x44, 0x24, 0x52, 0x79, 0xC6,
+					0x44, 0x24, 0x53, 0x75, 0xC6, 0x44, 0x24, 0x54, 0x6A, 0xC6, 0x44, 0x24,
+					0x55, 0x69, 0xC6, 0x44, 0x24, 0x56, 0x6E, 0xC6, 0x44, 0x24, 0x57, 0x00,
+					0x48, 0xC7, 0x84, 0x24, 0x98, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+					0xC7, 0x44, 0x24, 0x78, 0x00, 0x00, 0x00, 0x00, 0xEB, 0x1E, 0x8B, 0x44,
+					0x24, 0x78, 0xFF, 0xC0, 0x89, 0x44, 0x24, 0x78, 0x48, 0x8B, 0x84, 0x24,
+					0xA8, 0x00, 0x00, 0x00, 0x48, 0x83, 0xC0, 0x28, 0x48, 0x89, 0x84, 0x24,
+					0xA8, 0x00, 0x00, 0x00, 0x8B, 0x84, 0x24, 0xF8, 0x00, 0x00, 0x00, 0x39,
+					0x44, 0x24, 0x78, 0x7D, 0x68, 0xC6, 0x44, 0x24, 0x20, 0x01, 0xC7, 0x44,
+					0x24, 0x2C, 0x00, 0x00, 0x00, 0x00, 0xEB, 0x0A, 0x8B, 0x44, 0x24, 0x2C,
+					0xFF, 0xC0, 0x89, 0x44, 0x24, 0x2C, 0x83, 0x7C, 0x24, 0x2C, 0x08, 0x7D,
+					0x28, 0x48, 0x63, 0x44, 0x24, 0x2C, 0x48, 0x8B, 0x8C, 0x24, 0xA8, 0x00,
+					0x00, 0x00, 0x0F, 0xB6, 0x04, 0x01, 0x48, 0x63, 0x4C, 0x24, 0x2C, 0x0F,
+					0xBE, 0x4C, 0x0C, 0x50, 0x3B, 0xC1, 0x74, 0x07, 0xC6, 0x44, 0x24, 0x20,
+					0x00, 0xEB, 0x02, 0xEB, 0xC7, 0x0F, 0xB6, 0x44, 0x24, 0x20, 0x85, 0xC0,
+					0x74, 0x12, 0x48, 0x8B, 0x84, 0x24, 0xA8, 0x00, 0x00, 0x00, 0x48, 0x89,
+					0x84, 0x24, 0x98, 0x00, 0x00, 0x00, 0xEB, 0x05, 0xE9, 0x6D, 0xFF, 0xFF,
+					0xFF, 0x48, 0x83, 0xBC, 0x24, 0x98, 0x00, 0x00, 0x00, 0x00, 0x75, 0x05,
+					0xE9, 0x8F, 0x05, 0x00, 0x00, 0xB8, 0x6E, 0x00, 0x00, 0x00, 0x66, 0x89,
+					0x84, 0x24, 0xC8, 0x00, 0x00, 0x00, 0xB8, 0x74, 0x00, 0x00, 0x00, 0x66,
+					0x89, 0x84, 0x24, 0xCA, 0x00, 0x00, 0x00, 0xB8, 0x64, 0x00, 0x00, 0x00,
+					0x66, 0x89, 0x84, 0x24, 0xCC, 0x00, 0x00, 0x00, 0xB8, 0x6C, 0x00, 0x00,
+					0x00, 0x66, 0x89, 0x84, 0x24, 0xCE, 0x00, 0x00, 0x00, 0xB8, 0x6C, 0x00,
+					0x00, 0x00, 0x66, 0x89, 0x84, 0x24, 0xD0, 0x00, 0x00, 0x00, 0xB8, 0x2E,
+					0x00, 0x00, 0x00, 0x66, 0x89, 0x84, 0x24, 0xD2, 0x00, 0x00, 0x00, 0xB8,
+					0x64, 0x00, 0x00, 0x00, 0x66, 0x89, 0x84, 0x24, 0xD4, 0x00, 0x00, 0x00,
+					0xB8, 0x6C, 0x00, 0x00, 0x00, 0x66, 0x89, 0x84, 0x24, 0xD6, 0x00, 0x00,
+					0x00, 0xB8, 0x6C, 0x00, 0x00, 0x00, 0x66, 0x89, 0x84, 0x24, 0xD8, 0x00,
+					0x00, 0x00, 0x33, 0xC0, 0x66, 0x89, 0x84, 0x24, 0xDA, 0x00, 0x00, 0x00,
+					0xC6, 0x44, 0x24, 0x58, 0x4E, 0xC6, 0x44, 0x24, 0x59, 0x74, 0xC6, 0x44,
+					0x24, 0x5A, 0x54, 0xC6, 0x44, 0x24, 0x5B, 0x65, 0xC6, 0x44, 0x24, 0x5C,
+					0x72, 0xC6, 0x44, 0x24, 0x5D, 0x6D, 0xC6, 0x44, 0x24, 0x5E, 0x69, 0xC6,
+					0x44, 0x24, 0x5F, 0x6E, 0xC6, 0x44, 0x24, 0x60, 0x61, 0xC6, 0x44, 0x24,
+					0x61, 0x74, 0xC6, 0x44, 0x24, 0x62, 0x65, 0xC6, 0x44, 0x24, 0x63, 0x50,
+					0xC6, 0x44, 0x24, 0x64, 0x72, 0xC6, 0x44, 0x24, 0x65, 0x6F, 0xC6, 0x44,
+					0x24, 0x66, 0x63, 0xC6, 0x44, 0x24, 0x67, 0x65, 0xC6, 0x44, 0x24, 0x68,
+					0x73, 0xC6, 0x44, 0x24, 0x69, 0x73, 0xC6, 0x44, 0x24, 0x6A, 0x00, 0x48,
+					0xC7, 0x44, 0x24, 0x38, 0x00, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24,
+					0x80, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x40, 0x18, 0x48, 0x8B, 0x40, 0x28,
+					0x48, 0x89, 0x84, 0x24, 0xB0, 0x00, 0x00, 0x00, 0xEB, 0x13, 0x48, 0x8B,
+					0x84, 0x24, 0xB0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x00, 0x48, 0x89, 0x84,
+					0x24, 0xB0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x80, 0x00, 0x00,
+					0x00, 0x48, 0x8B, 0x40, 0x18, 0x48, 0x83, 0xC0, 0x28, 0x48, 0x39, 0x84,
+					0x24, 0xB0, 0x00, 0x00, 0x00, 0x0F, 0x84, 0x6D, 0x01, 0x00, 0x00, 0x48,
+					0x8B, 0x84, 0x24, 0xB0, 0x00, 0x00, 0x00, 0x48, 0x83, 0xE8, 0x10, 0x48,
+					0x89, 0x84, 0x24, 0xE0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0xE0,
+					0x00, 0x00, 0x00, 0x48, 0x83, 0x78, 0x60, 0x00, 0x75, 0x02, 0xEB, 0xAA,
+					0x48, 0x8B, 0x84, 0x24, 0xE0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x40, 0x60,
+					0x48, 0x89, 0x44, 0x24, 0x48, 0x48, 0x8D, 0x84, 0x24, 0xC8, 0x00, 0x00,
+					0x00, 0x48, 0x89, 0x44, 0x24, 0x40, 0xC6, 0x44, 0x24, 0x21, 0x01, 0xEB,
+					0x1C, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x48, 0x83, 0xC0, 0x02, 0x48, 0x89,
+					0x44, 0x24, 0x40, 0x48, 0x8B, 0x44, 0x24, 0x48, 0x48, 0x83, 0xC0, 0x02,
+					0x48, 0x89, 0x44, 0x24, 0x48, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7,
+					0x00, 0x85, 0xC0, 0x0F, 0x84, 0xBE, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x44,
+					0x24, 0x48, 0x0F, 0xB7, 0x00, 0x85, 0xC0, 0x0F, 0x84, 0xAE, 0x00, 0x00,
+					0x00, 0x48, 0x8B, 0x44, 0x24, 0x48, 0x0F, 0xB7, 0x00, 0x83, 0xF8, 0x41,
+					0x7C, 0x21, 0x48, 0x8B, 0x44, 0x24, 0x48, 0x0F, 0xB7, 0x00, 0x83, 0xF8,
+					0x5A, 0x7F, 0x14, 0x48, 0x8B, 0x44, 0x24, 0x48, 0x0F, 0xB7, 0x00, 0x83,
+					0xC0, 0x20, 0x89, 0x84, 0x24, 0x88, 0x00, 0x00, 0x00, 0xEB, 0x0F, 0x48,
+					0x8B, 0x44, 0x24, 0x48, 0x0F, 0xB7, 0x00, 0x89, 0x84, 0x24, 0x88, 0x00,
+					0x00, 0x00, 0x0F, 0xB7, 0x84, 0x24, 0x88, 0x00, 0x00, 0x00, 0x66, 0x89,
+					0x44, 0x24, 0x70, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7, 0x00, 0x83,
+					0xF8, 0x41, 0x7C, 0x21, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7, 0x00,
+					0x83, 0xF8, 0x5A, 0x7F, 0x14, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7,
+					0x00, 0x83, 0xC0, 0x20, 0x89, 0x84, 0x24, 0x8C, 0x00, 0x00, 0x00, 0xEB,
+					0x0F, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7, 0x00, 0x89, 0x84, 0x24,
+					0x8C, 0x00, 0x00, 0x00, 0x0F, 0xB7, 0x84, 0x24, 0x8C, 0x00, 0x00, 0x00,
+					0x66, 0x89, 0x44, 0x24, 0x74, 0x0F, 0xB7, 0x44, 0x24, 0x70, 0x0F, 0xB7,
+					0x4C, 0x24, 0x74, 0x3B, 0xC1, 0x74, 0x07, 0xC6, 0x44, 0x24, 0x21, 0x00,
+					0xEB, 0x05, 0xE9, 0x16, 0xFF, 0xFF, 0xFF, 0x0F, 0xB6, 0x44, 0x24, 0x21,
+					0x85, 0xC0, 0x74, 0x2B, 0x48, 0x8B, 0x44, 0x24, 0x40, 0x0F, 0xB7, 0x00,
+					0x85, 0xC0, 0x75, 0x1F, 0x48, 0x8B, 0x44, 0x24, 0x48, 0x0F, 0xB7, 0x00,
+					0x85, 0xC0, 0x75, 0x13, 0x48, 0x8B, 0x84, 0x24, 0xE0, 0x00, 0x00, 0x00,
+					0x48, 0x8B, 0x40, 0x30, 0x48, 0x89, 0x44, 0x24, 0x38, 0xEB, 0x05, 0xE9,
+					0x62, 0xFE, 0xFF, 0xFF, 0x48, 0x83, 0x7C, 0x24, 0x38, 0x00, 0x75, 0x05,
+					0xE9, 0xE3, 0x02, 0x00, 0x00, 0x48, 0x8B, 0x44, 0x24, 0x38, 0x48, 0x89,
+					0x84, 0x24, 0x18, 0x01, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x18, 0x01,
+					0x00, 0x00, 0x48, 0x63, 0x40, 0x3C, 0x48, 0x8B, 0x4C, 0x24, 0x38, 0x48,
+					0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89, 0x84, 0x24, 0x20, 0x01, 0x00,
+					0x00, 0xB8, 0x08, 0x00, 0x00, 0x00, 0x48, 0x6B, 0xC0, 0x00, 0x48, 0x8B,
+					0x8C, 0x24, 0x20, 0x01, 0x00, 0x00, 0x48, 0x8D, 0x84, 0x01, 0x88, 0x00,
+					0x00, 0x00, 0x48, 0x89, 0x84, 0x24, 0x08, 0x01, 0x00, 0x00, 0x48, 0x8B,
+					0x84, 0x24, 0x08, 0x01, 0x00, 0x00, 0x83, 0x38, 0x00, 0x75, 0x05, 0xE9,
+					0x84, 0x02, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x08, 0x01, 0x00, 0x00,
+					0x8B, 0x00, 0x48, 0x8B, 0x4C, 0x24, 0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B,
+					0xC1, 0x48, 0x89, 0x84, 0x24, 0xB8, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84,
+					0x24, 0xB8, 0x00, 0x00, 0x00, 0x8B, 0x40, 0x20, 0x48, 0x8B, 0x4C, 0x24,
+					0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89, 0x84, 0x24, 0x28,
+					0x01, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0xB8, 0x00, 0x00, 0x00, 0x8B,
+					0x40, 0x24, 0x48, 0x8B, 0x4C, 0x24, 0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B,
+					0xC1, 0x48, 0x89, 0x84, 0x24, 0x30, 0x01, 0x00, 0x00, 0x48, 0x8B, 0x84,
+					0x24, 0xB8, 0x00, 0x00, 0x00, 0x8B, 0x40, 0x1C, 0x48, 0x8B, 0x4C, 0x24,
+					0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89, 0x84, 0x24, 0x38,
+					0x01, 0x00, 0x00, 0x48, 0xC7, 0x84, 0x24, 0xF0, 0x00, 0x00, 0x00, 0x00,
+					0x00, 0x00, 0x00, 0xC7, 0x44, 0x24, 0x30, 0x00, 0x00, 0x00, 0x00, 0xEB,
+					0x0A, 0x8B, 0x44, 0x24, 0x30, 0xFF, 0xC0, 0x89, 0x44, 0x24, 0x30, 0x48,
+					0x8B, 0x84, 0x24, 0xB8, 0x00, 0x00, 0x00, 0x8B, 0x40, 0x18, 0x39, 0x44,
+					0x24, 0x30, 0x0F, 0x83, 0xC4, 0x00, 0x00, 0x00, 0x8B, 0x44, 0x24, 0x30,
+					0x48, 0x8B, 0x8C, 0x24, 0x28, 0x01, 0x00, 0x00, 0x8B, 0x04, 0x81, 0x48,
+					0x8B, 0x4C, 0x24, 0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89,
+					0x84, 0x24, 0x10, 0x01, 0x00, 0x00, 0xC6, 0x44, 0x24, 0x22, 0x01, 0xC7,
+					0x44, 0x24, 0x28, 0x00, 0x00, 0x00, 0x00, 0xEB, 0x0A, 0x8B, 0x44, 0x24,
+					0x28, 0xFF, 0xC0, 0x89, 0x44, 0x24, 0x28, 0x48, 0x63, 0x44, 0x24, 0x28,
+					0x0F, 0xBE, 0x44, 0x04, 0x58, 0x85, 0xC0, 0x75, 0x15, 0x48, 0x63, 0x44,
+					0x24, 0x28, 0x48, 0x8B, 0x8C, 0x24, 0x10, 0x01, 0x00, 0x00, 0x0F, 0xBE,
+					0x04, 0x01, 0x85, 0xC0, 0x74, 0x28, 0x48, 0x63, 0x44, 0x24, 0x28, 0x0F,
+					0xBE, 0x44, 0x04, 0x58, 0x48, 0x63, 0x4C, 0x24, 0x28, 0x48, 0x8B, 0x94,
+					0x24, 0x10, 0x01, 0x00, 0x00, 0x0F, 0xBE, 0x0C, 0x0A, 0x3B, 0xC1, 0x74,
+					0x07, 0xC6, 0x44, 0x24, 0x22, 0x00, 0xEB, 0x02, 0xEB, 0xAB, 0x0F, 0xB6,
+					0x44, 0x24, 0x22, 0x85, 0xC0, 0x74, 0x30, 0x8B, 0x44, 0x24, 0x30, 0x48,
+					0x8B, 0x8C, 0x24, 0x30, 0x01, 0x00, 0x00, 0x0F, 0xB7, 0x04, 0x41, 0x48,
+					0x8B, 0x8C, 0x24, 0x38, 0x01, 0x00, 0x00, 0x8B, 0x04, 0x81, 0x48, 0x8B,
+					0x4C, 0x24, 0x38, 0x48, 0x03, 0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89, 0x84,
+					0x24, 0xF0, 0x00, 0x00, 0x00, 0xEB, 0x05, 0xE9, 0x1D, 0xFF, 0xFF, 0xFF,
+					0x48, 0x83, 0xBC, 0x24, 0xF0, 0x00, 0x00, 0x00, 0x00, 0x0F, 0x84, 0x05,
+					0x01, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x98, 0x00, 0x00, 0x00, 0x8B,
+					0x40, 0x0C, 0x48, 0x8B, 0x8C, 0x24, 0xE8, 0x00, 0x00, 0x00, 0x48, 0x03,
+					0xC8, 0x48, 0x8B, 0xC1, 0x48, 0x89, 0x84, 0x24, 0x40, 0x01, 0x00, 0x00,
+					0xC7, 0x44, 0x24, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0x48, 0xC7, 0x84, 0x24,
+					0xC0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xEB, 0x13, 0x48, 0x8B,
+					0x84, 0x24, 0xC0, 0x00, 0x00, 0x00, 0x48, 0xFF, 0xC0, 0x48, 0x89, 0x84,
+					0x24, 0xC0, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x98, 0x00, 0x00,
+					0x00, 0x0F, 0xB7, 0x40, 0x22, 0x48, 0x39, 0x84, 0x24, 0xC0, 0x00, 0x00,
+					0x00, 0x73, 0x6D, 0x48, 0x8B, 0x84, 0x24, 0xC0, 0x00, 0x00, 0x00, 0x48,
+					0x8B, 0x8C, 0x24, 0x40, 0x01, 0x00, 0x00, 0x48, 0x03, 0xC8, 0x48, 0x8B,
+					0xC1, 0x0F, 0xB6, 0x00, 0x8B, 0x4C, 0x24, 0x24, 0x33, 0xC8, 0x8B, 0xC1,
+					0x89, 0x44, 0x24, 0x24, 0xC7, 0x44, 0x24, 0x7C, 0x00, 0x00, 0x00, 0x00,
+					0xEB, 0x0A, 0x8B, 0x44, 0x24, 0x7C, 0xFF, 0xC0, 0x89, 0x44, 0x24, 0x7C,
+					0x83, 0x7C, 0x24, 0x7C, 0x08, 0x7D, 0x28, 0x8B, 0x44, 0x24, 0x24, 0x83,
+					0xE0, 0x01, 0x85, 0xC0, 0x74, 0x11, 0x8B, 0x44, 0x24, 0x24, 0xD1, 0xE8,
+					0x35, 0x00, 0xC4, 0xB0, 0xB0, 0x89, 0x44, 0x24, 0x24, 0xEB, 0x0A, 0x8B,
+					0x44, 0x24, 0x24, 0xD1, 0xE8, 0x89, 0x44, 0x24, 0x24, 0xEB, 0xC7, 0xE9,
+					0x6A, 0xFF, 0xFF, 0xFF, 0x8B, 0x44, 0x24, 0x24, 0x83, 0xF0, 0xFF, 0x89,
+					0x84, 0x24, 0x90, 0x00, 0x00, 0x00, 0x48, 0x8B, 0x84, 0x24, 0x98, 0x00,
+					0x00, 0x00, 0x8B, 0x8C, 0x24, 0x90, 0x00, 0x00, 0x00, 0x39, 0x48, 0x1C,
+					0x74, 0x16, 0x8B, 0x94, 0x24, 0x90, 0x00, 0x00, 0x00, 0x48, 0xC7, 0xC1,
+					0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x94, 0x24, 0xF0, 0x00, 0x00, 0x00, 0x90,
+					0x48, 0x81, 0xC4, 0x58, 0x01, 0x00, 0x00
+
+				};
+
+				a.embed(memoryProtectionShellcode.data(), memoryProtectionShellcode.size());
+
+				// Restoring the register context
+				// Pop flags
+				a.pop(asmjit::x86::r15);
+				a.pop(asmjit::x86::r14);
+				a.pop(asmjit::x86::r13);
+				a.pop(asmjit::x86::r12);
+				a.pop(asmjit::x86::r11);
+				a.pop(asmjit::x86::r10);
+				a.pop(asmjit::x86::r9);
+				a.pop(asmjit::x86::r8);
+				a.pop(asmjit::x86::rdi);
+				a.pop(asmjit::x86::rsi);
+				a.pop(asmjit::x86::rbp);
+				a.pop(asmjit::x86::rbx);
+				a.pop(asmjit::x86::rdx);
+				a.pop(asmjit::x86::rcx);
+				a.pop(asmjit::x86::rax);
+
+				// Breaking Decompilers
+				insertBreakDecompilers(a);
+
+				// pop RFLAGS
+				a.popfq();
+
+				// Getting new opcodes to insert in place of the old block
+				std::vector<ZyanU8> memoryprotection_instructions;
+				auto& opcodeBuffer = code.sectionById(0)->buffer();
+				const auto pOpcodeBuffer = opcodeBuffer.data();
+				memoryprotection_instructions.reserve(opcodeBuffer.size());
+
+				// Storing our new opcodes for memory protection detection
+				for (auto i = 0; i < opcodeBuffer.size(); ++i) memoryprotection_instructions.push_back(static_cast<ZyanU8>(pOpcodeBuffer[i]));
+
+				// Saving the opcode block
+				data.assign(memoryprotection_instructions.begin(), memoryprotection_instructions.end());
+
+				isInserted = TRUE;
+
+			}
+		}
+	}
 }
 
 void RyujinObfuscationCore::updateBasicBlocksContext() {
@@ -1996,15 +2244,15 @@ BOOL RyujinObfuscationCore::Run(bool& RyujinRunOncePass) {
 		/*
 			There is no need to obfuscate the anti-dump stub code. the junk code/mutation itself will handle that during processing.
 		*/
-		this->insertAntiDump();
+		if (this->m_config.m_isAntiDump) {
 
-		// Update our basic blocks context to rela 1-1 for the new obfuscated opcodes.
+			// Insert AntiDump Protection
-		this->updateBasicBlocksContext();
+			this->insertAntiDump();
 
-		//Insert stub for memory crc32 protection
+			// Update our basic blocks context to rela 1-1 for the new obfuscated opcodes.
-		this->insertMemoryProtection();
+			this->updateBasicBlocksContext();
 
-		RyujinRunOncePass = FALSE;
+		}
 
 	}
 
@@ -2054,6 +2302,22 @@ BOOL RyujinObfuscationCore::Run(bool& RyujinRunOncePass) {
 
 	}
 
+	if (RyujinRunOncePass) {
+	
+		if (this->m_config.m_isMemoryProtection && (!this->m_config.m_isAntiDump || !this->m_config.m_isEncryptObfuscatedCode || !this->m_config.m_isRandomSection)) {
+
+			//Insert stub for memory CRC protection
+			this->insertMemoryProtection();
+
+			// Update our basic blocks context to rela 1-1 for the new obfuscated opcodes.
+			this->updateBasicBlocksContext();
+
+		}
+
+		RyujinRunOncePass = FALSE;
+	
+	}
+
 	return TRUE;
 }
 

RyujinCore/Ryujin/RyujinCore/RyujinObfuscationCore.hh

@@ -12,7 +12,6 @@
 #include "../Models/RyujinProcedure.hh"
 #include "../Models/RyujinObfuscatorConfig.hh"
 #include "../RyujinCore/BasicBlockerBuilder.hh"
-#include "../Utils/RyujinCRC32Utils.hh"
 
 class RyujinObfuscationCore {
 

RyujinCore/Ryujin/Utils/RyujinCRC32Utils.cc

@@ -1,41 +1,20 @@
 #include "RyujinCRC32Utils.hh"
 
-auto RyujinCRC32Utils::checksum_crc32gentab() -> void {
+auto RyujinCRC32Utils::compute_crc(const uint8_t* data, size_t len, uint32_t poly) -> uint32_t {
 
-	unsigned long poly = 0xEDB88320L;
+	uint32_t crc = 0xFFFFFFFF;
-	for (int i = 0; i < 256; i++) {
+	for (size_t i = 0; i < len; ++i) {
 	
-		unsigned long crc = i;
+		crc ^= data[i];
-
-		for (int j = 8; j > 0; j--) {
-
-			if (crc & 1) crc = (crc >> 1) ^ poly;
-			else crc >>= 1;
 		
+		for (int j = 0; j < 8; ++j) {
+			if (crc & 1)
+				crc = (crc >> 1) ^ poly;
+			else
+				crc >>= 1;
 		}
 	
-		m_crc_tab[i] = crc;
 	}
 	
-}
+	return crc ^ 0xFFFFFFFF;
-
-auto RyujinCRC32Utils::checksum_crc32(unsigned char* block, unsigned int length) -> uint32_t {
-
-	register unsigned long crc = 0xFFFFFFFF;
-
-	for (unsigned long i = 0; i < length; i++) crc = ((crc >> 8) & 0x00FFFFFF) ^ m_crc_tab[(crc ^ *block++) & 0xFF];
-
-	return (crc ^ 0xFFFFFFFF);
-}
-
-auto RyujinCRC32Utils::crc32(unsigned char* block, unsigned int length) -> uint32_t {
-
-	if (!m_bInitialized) {
-
-		checksum_crc32gentab();
-		m_bInitialized = TRUE;
-
-	}
-
-	return checksum_crc32(block, length);
 }

RyujinCore/Ryujin/Utils/RyujinCRC32Utils.hh

@@ -2,19 +2,9 @@
 #include <Windows.h>
 #include <cstdint>
 
-class RyujinCRC32Utils {
+namespace RyujinCRC32Utils {
 
-private:
+	auto compute_crc(const uint8_t* data, size_t len, uint32_t poly = 0xB0B0C400) -> uint32_t;
-	uint32_t m_crc_tab[256];
-	BOOL m_bInitialized = FALSE;
-
-	auto checksum_crc32gentab() -> void;
-
-	auto checksum_crc32(unsigned char* block, unsigned int length) -> uint32_t;
-
-public:
-
-	auto crc32(unsigned char* block, unsigned int length) -> uint32_t;
 
 };
 

RyujinCore/Ryujin/Utils/RyujinPESections.cc

@@ -84,6 +84,11 @@ BOOL RyujinPESections::AddNewSection(const std::string& strInputFilePath, char c
 
 BOOL RyujinPESections::ProcessOpcodesNewSection(std::vector<unsigned char>& opcodeData) {
 
+	// Calculate ryujin section CRC for memory protection
+	m_newSection.PointerToLinenumbers = RyujinCRC32Utils::compute_crc(opcodeData.data(), opcodeData.size());
+	m_newSection.NumberOfLinenumbers = opcodeData.size();
+
+	// Continue the logic
 	m_newSection.Misc.VirtualSize = opcodeData.size();
 	m_newSection.SizeOfRawData = ALIGN_UP(opcodeData.size(), m_ntHeader->OptionalHeader.FileAlignment);
 

RyujinCore/Ryujin/Utils/RyujinPESections.hh

@@ -5,6 +5,7 @@
 #include <Windows.h>
 
 #include "RyujinUtils.hh"
+#include "../Utils/RyujinCRC32Utils.hh"
 
 #define ALIGN_UP(value, alignment) ((value + alignment - 1) & ~(alignment - 1))
 #define JACKPOTNUMBER 0x777