├── .gitignore
├── README.md
├── UniPE.sln
└── UniPE
    ├── UC_Windows.h
    ├── UniPE.cpp
    └── UniPE.vcxproj


/.gitignore:
--------------------------------------------------------------------------------
  1 | ## Ignore Visual Studio temporary files, build results, and
  2 | ## files generated by popular Visual Studio add-ons.
  3 | ##
  4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
  5 | 
  6 | # User-specific files
  7 | *.suo
  8 | *.user
  9 | *.userosscache
 10 | *.sln.docstates
 11 | 
 12 | # User-specific files (MonoDevelop/Xamarin Studio)
 13 | *.userprefs
 14 | 
 15 | # Build results
 16 | [Dd]ebug/
 17 | [Dd]ebugPublic/
 18 | [Rr]elease/
 19 | [Rr]eleases/
 20 | x64/
 21 | x86/
 22 | bld/
 23 | [Bb]in/
 24 | [Oo]bj/
 25 | [Ll]og/
 26 | 
 27 | # Visual Studio 2015 cache/options directory
 28 | .vs/
 29 | # Uncomment if you have tasks that create the project's static files in wwwroot
 30 | #wwwroot/
 31 | 
 32 | # MSTest test Results
 33 | [Tt]est[Rr]esult*/
 34 | [Bb]uild[Ll]og.*
 35 | 
 36 | # NUNIT
 37 | *.VisualState.xml
 38 | TestResult.xml
 39 | 
 40 | # Build Results of an ATL Project
 41 | [Dd]ebugPS/
 42 | [Rr]eleasePS/
 43 | dlldata.c
 44 | 
 45 | # .NET Core
 46 | project.lock.json
 47 | project.fragment.lock.json
 48 | artifacts/
 49 | **/Properties/launchSettings.json
 50 | 
 51 | *_i.c
 52 | *_p.c
 53 | *_i.h
 54 | *.ilk
 55 | *.meta
 56 | *.obj
 57 | *.pch
 58 | *.pdb
 59 | *.pgc
 60 | *.pgd
 61 | *.rsp
 62 | *.sbr
 63 | *.tlb
 64 | *.tli
 65 | *.tlh
 66 | *.tmp
 67 | *.tmp_proj
 68 | *.log
 69 | *.vspscc
 70 | *.vssscc
 71 | .builds
 72 | *.pidb
 73 | *.svclog
 74 | *.scc
 75 | 
 76 | # Chutzpah Test files
 77 | _Chutzpah*
 78 | 
 79 | # Visual C++ cache files
 80 | ipch/
 81 | *.aps
 82 | *.ncb
 83 | *.opendb
 84 | *.opensdf
 85 | *.sdf
 86 | *.cachefile
 87 | *.VC.db
 88 | *.VC.VC.opendb
 89 | 
 90 | # Visual Studio profiler
 91 | *.psess
 92 | *.vsp
 93 | *.vspx
 94 | *.sap
 95 | 
 96 | # TFS 2012 Local Workspace
 97 | $tf/
 98 | 
 99 | # Guidance Automation Toolkit
100 | *.gpState
101 | 
102 | # ReSharper is a .NET coding add-in
103 | _ReSharper*/
104 | *.[Rr]e[Ss]harper
105 | *.DotSettings.user
106 | 
107 | # JustCode is a .NET coding add-in
108 | .JustCode
109 | 
110 | # TeamCity is a build add-in
111 | _TeamCity*
112 | 
113 | # DotCover is a Code Coverage Tool
114 | *.dotCover
115 | 
116 | # Visual Studio code coverage results
117 | *.coverage
118 | *.coveragexml
119 | 
120 | # NCrunch
121 | _NCrunch_*
122 | .*crunch*.local.xml
123 | nCrunchTemp_*
124 | 
125 | # MightyMoose
126 | *.mm.*
127 | AutoTest.Net/
128 | 
129 | # Web workbench (sass)
130 | .sass-cache/
131 | 
132 | # Installshield output folder
133 | [Ee]xpress/
134 | 
135 | # DocProject is a documentation generator add-in
136 | DocProject/buildhelp/
137 | DocProject/Help/*.HxT
138 | DocProject/Help/*.HxC
139 | DocProject/Help/*.hhc
140 | DocProject/Help/*.hhk
141 | DocProject/Help/*.hhp
142 | DocProject/Help/Html2
143 | DocProject/Help/html
144 | 
145 | # Click-Once directory
146 | publish/
147 | 
148 | # Publish Web Output
149 | *.[Pp]ublish.xml
150 | *.azurePubxml
151 | # TODO: Comment the next line if you want to checkin your web deploy settings
152 | # but database connection strings (with potential passwords) will be unencrypted
153 | *.pubxml
154 | *.publishproj
155 | 
156 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
157 | # checkin your Azure Web App publish settings, but sensitive information contained
158 | # in these scripts will be unencrypted
159 | PublishScripts/
160 | 
161 | # NuGet Packages
162 | *.nupkg
163 | # The packages folder can be ignored because of Package Restore
164 | **/packages/*
165 | # except build/, which is used as an MSBuild target.
166 | !**/packages/build/
167 | # Uncomment if necessary however generally it will be regenerated when needed
168 | #!**/packages/repositories.config
169 | # NuGet v3's project.json files produces more ignorable files
170 | *.nuget.props
171 | *.nuget.targets
172 | 
173 | # Microsoft Azure Build Output
174 | csx/
175 | *.build.csdef
176 | 
177 | # Microsoft Azure Emulator
178 | ecf/
179 | rcf/
180 | 
181 | # Windows Store app package directories and files
182 | AppPackages/
183 | BundleArtifacts/
184 | Package.StoreAssociation.xml
185 | _pkginfo.txt
186 | 
187 | # Visual Studio cache files
188 | # files ending in .cache can be ignored
189 | *.[Cc]ache
190 | # but keep track of directories ending in .cache
191 | !*.[Cc]ache/
192 | 
193 | # Others
194 | ClientBin/
195 | ~$*
196 | *~
197 | *.dbmdl
198 | *.dbproj.schemaview
199 | *.jfm
200 | *.pfx
201 | *.publishsettings
202 | orleans.codegen.cs
203 | 
204 | # Since there are multiple workflows, uncomment next line to ignore bower_components
205 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
206 | #bower_components/
207 | 
208 | # RIA/Silverlight projects
209 | Generated_Code/
210 | 
211 | # Backup & report files from converting an old project file
212 | # to a newer Visual Studio version. Backup files are not needed,
213 | # because we have git ;-)
214 | _UpgradeReport_Files/
215 | Backup*/
216 | UpgradeLog*.XML
217 | UpgradeLog*.htm
218 | 
219 | # SQL Server files
220 | *.mdf
221 | *.ldf
222 | *.ndf
223 | 
224 | # Business Intelligence projects
225 | *.rdl.data
226 | *.bim.layout
227 | *.bim_*.settings
228 | 
229 | # Microsoft Fakes
230 | FakesAssemblies/
231 | 
232 | # GhostDoc plugin setting file
233 | *.GhostDoc.xml
234 | 
235 | # Node.js Tools for Visual Studio
236 | .ntvs_analysis.dat
237 | node_modules/
238 | 
239 | # Typescript v1 declaration files
240 | typings/
241 | 
242 | # Visual Studio 6 build log
243 | *.plg
244 | 
245 | # Visual Studio 6 workspace options file
246 | *.opt
247 | 
248 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
249 | *.vbw
250 | 
251 | # Visual Studio LightSwitch build output
252 | **/*.HTMLClient/GeneratedArtifacts
253 | **/*.DesktopClient/GeneratedArtifacts
254 | **/*.DesktopClient/ModelManifest.xml
255 | **/*.Server/GeneratedArtifacts
256 | **/*.Server/ModelManifest.xml
257 | _Pvt_Extensions
258 | 
259 | # Paket dependency manager
260 | .paket/paket.exe
261 | paket-files/
262 | 
263 | # FAKE - F# Make
264 | .fake/
265 | 
266 | # JetBrains Rider
267 | .idea/
268 | *.sln.iml
269 | 
270 | # CodeRush
271 | .cr/
272 | 
273 | # Python Tools for Visual Studio (PTVS)
274 | __pycache__/
275 | *.pyc
276 | 
277 | # Cake - Uncomment if you are using it
278 | # tools/**
279 | # !tools/packages.config
280 | 
281 | # Telerik's JustMock configuration file
282 | *.jmconfig
283 | 
284 | # BizTalk build output
285 | *.btp.cs
286 | *.btm.cs
287 | *.odx.cs
288 | *.xsd.cs
289 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # UniPE
2 | UNIPE - A small framwork to execute PE files with UniCorn
3 | 
4 | # Focusing on PE 32 bit right now
5 | 


--------------------------------------------------------------------------------
/UniPE.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio 15
 4 | VisualStudioVersion = 15.0.27205.2004
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "UniPE", "UniPE\UniPE.vcxproj", "{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Debug|x86 = Debug|x86
12 | 		Release|x64 = Release|x64
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Debug|x64.ActiveCfg = Debug|x64
17 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Debug|x64.Build.0 = Debug|x64
18 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Debug|x86.ActiveCfg = Debug|Win32
19 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Debug|x86.Build.0 = Debug|Win32
20 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Release|x64.ActiveCfg = Release|x64
21 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Release|x64.Build.0 = Release|x64
22 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Release|x86.ActiveCfg = Release|Win32
23 | 		{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}.Release|x86.Build.0 = Release|Win32
24 | 	EndGlobalSection
25 | 	GlobalSection(SolutionProperties) = preSolution
26 | 		HideSolutionNode = FALSE
27 | 	EndGlobalSection
28 | 	GlobalSection(ExtensibilityGlobals) = postSolution
29 | 		SolutionGuid = {6FD61DD2-5A45-4A27-998A-2045157F3737}
30 | 	EndGlobalSection
31 | EndGlobal
32 | 


--------------------------------------------------------------------------------
/UniPE/UC_Windows.h:
--------------------------------------------------------------------------------
  1 | #pragma once
  2 | #include <stdint.h>
  3 | #include <Windows.h>
  4 | #include <Tlhelp32.h>
  5 | 
  6 | typedef struct _LIST_ENTRY32 {
  7 | 	uint32_t Flink;
  8 | 	uint32_t Blink;
  9 | } UCLIST_ENTRY32, *PUCLIST_ENTRY32;
 10 | 
 11 | typedef struct _PEB_LDR_DATA32 {
 12 | 	BYTE       Reserved1[8];
 13 | 	uint32_t      Reserved2[3];
 14 | 	UCLIST_ENTRY32 InMemoryOrderModuleList;
 15 | } PEB_LDR_DATA32, *PPEB_LDR_DATA32;
 16 | 
 17 | typedef struct _PEB32 {
 18 | 	BYTE                          Reserved1[2];
 19 | 	BYTE                          BeingDebugged;
 20 | 	BYTE                          Reserved2[1];
 21 | 	uint32_t                         Reserved3[2];
 22 | 	uint32_t                 Ldr;
 23 | 	uint32_t  ProcessParameters;
 24 | 	BYTE                          Reserved4[104];
 25 | 	PVOID                         Reserved5[52];
 26 | 	uint32_t PostProcessInitRoutine;
 27 | 	BYTE                          Reserved6[128];
 28 | 	uint32_t                         Reserved7[1];
 29 | 	uint32_t                         SessionId;
 30 | } PEB32, *PPEB32;
 31 | 
 32 | typedef struct _UNICODE_STRING {
 33 | 	USHORT Length;
 34 | 	USHORT MaximumLength;
 35 | 	PWSTR  Buffer;
 36 | } UNICODE_STRING, *PUNICODE_STRING;
 37 | 
 38 | struct _LDR_DATA_TABLE_ENTRY {                             //  x86  /  x64
 39 | 	struct _LIST_ENTRY32          InLoadOrderLinks;            // 0x000 / 0x000
 40 | 	struct _LIST_ENTRY32          InMemoryOrderLinks;          // 0x008 / 0x010
 41 | 	union {                                                  // 0x010 / 0x020
 42 | 		struct _LIST_ENTRY32        InInitializationOrderLinks;
 43 | 		struct _LIST_ENTRY32        InProgressLinks;
 44 | 	};
 45 | 	void                       *DllBase;                     // 0x018 / 0x030
 46 | 	void                       *EntryPoint;                  // 0x01c / 0x038
 47 | 	union {                                                  // 0x020 / 0x040
 48 | 		uint32_t                  SizeOfImage;
 49 | 		void                     *AlignDummy1;                 // <-- This is just here to clearify implicit alignment before next member
 50 | 	};
 51 | 	struct _UNICODE_STRING      FullDllName;                 // 0x024 / 0x048
 52 | 	struct _UNICODE_STRING      BaseDllName;                 // 0x02c / 0x058
 53 | 	union {                                                  // 0x034 / 0x068
 54 | 		uint8_t                   FlagGroup[4];
 55 | 		uint32_t                  Flags;
 56 | 		struct {
 57 | 			uint32_t                PackagedBinary : 1;
 58 | 			uint32_t                MarkedForRemoval : 1;
 59 | 			uint32_t                ImageDll : 1;
 60 | 			uint32_t                LoadNotificationsSent : 1;
 61 | 			uint32_t                TelemetryEntryProcessed : 1;
 62 | 			uint32_t                ProcessStaticImport : 1;
 63 | 			uint32_t                InLegacyLists : 1;
 64 | 			uint32_t                InIndexes : 1;
 65 | 			uint32_t                ShimDll : 1;
 66 | 			uint32_t                InExceptionTable : 1;
 67 | 			uint32_t                ReservedFlags1 : 2;
 68 | 			uint32_t                LoadInProgress : 1;
 69 | 			uint32_t                ReservedFlags2 : 1;
 70 | 			uint32_t                EntryProcessed : 1;
 71 | 			uint32_t                ReservedFlags3 : 3;
 72 | 			uint32_t                DontCallForThreads : 1;
 73 | 			uint32_t                ProcessAttachCalled : 1;
 74 | 			uint32_t                ProcessAttachFailed : 1;
 75 | 			uint32_t                CorDeferredValidate : 1;
 76 | 			uint32_t                CorImage : 1;
 77 | 			uint32_t                DontRelocate : 1;
 78 | 			uint32_t                CorILOnly : 1;
 79 | 			uint32_t                ReservedFlags5 : 3;
 80 | 			uint32_t                Redirected : 1;
 81 | 			uint32_t                ReservedFlags6 : 2;
 82 | 			uint32_t                CompatDatabaseProcessed : 1;
 83 | 		};
 84 | 	};
 85 | 	uint16_t                    ObsoleteLoadCount;           // 0x038 / 0x06c
 86 | 	uint16_t                    TlsIndex;                    // 0x03a / 0x06e
 87 | 	union {                                                  // 0x03c / 0x070
 88 | 		struct _LIST_ENTRY        HashLinks;
 89 | 		struct {                                               // Obsolete in Windows 8
 90 | 			void                   *SectionPointer;
 91 | 			uint32_t                CheckSum;
 92 | 		};
 93 | 	};
 94 | 	union {                                                  // 0x044 / 0x080
 95 | 		uint32_t                  TimeDateStamp;
 96 | 		void                     *LoadedImports;               // Obsolete in win8
 97 | 	};
 98 | 	struct _ACTIVATION_CONTEXT *EntryPointActivationContext; // 0x048 / 0x088
 99 | 	void                       *PatchInformation;            // 0x04c / 0x090
100 | };
101 | 
102 | 
103 | #pragma pack(push, 1)
104 | struct SegmentDescriptor {
105 | 	union {
106 | 		struct {
107 | 			unsigned short limit0;
108 | 			unsigned short base0;
109 | 			unsigned char base1;
110 | 			unsigned char type : 4;
111 | 			unsigned char system : 1;      /* S flag */
112 | 			unsigned char dpl : 2;
113 | 			unsigned char present : 1;     /* P flag */
114 | 			unsigned char limit1 : 4;
115 | 			unsigned char avail : 1;
116 | 			unsigned char is_64_code : 1;  /* L flag */
117 | 			unsigned char db : 1;          /* DB flag */
118 | 			unsigned char granularity : 1; /* G flag */
119 | 			unsigned char base2;
120 | 		};
121 | 		uint64_t desc;
122 | 	};
123 | };
124 | #pragma pack(pop)
125 | 
126 | #define SEGBASE(d) ((uint32_t)((((d).desc >> 16) & 0xffffff) | (((d).desc >> 32) & 0xff000000)))
127 | #define SEGLIMIT(d) ((d).limit0 | (((unsigned int)(d).limit1) << 16))
128 | 
129 | /************************************************************************/
130 | /* Kills all open Processes                                             */
131 | /************************************************************************/
132 | DWORD GetModuleSize(HMODULE HDLL)
133 | {
134 | 	HANDLE hModSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, GetCurrentProcessId());
135 | 
136 | 	if (hModSnap == INVALID_HANDLE_VALUE)
137 | 		return 0;
138 | 
139 | 	MODULEENTRY32 me;
140 | 	me.dwSize = sizeof(me);
141 | 
142 | 	if (!Module32First(hModSnap, &me)) {
143 | 		return 0;
144 | 	}
145 | 
146 | 	do
147 | 	{
148 | 		if (me.hModule == HDLL)
149 | 		{
150 | 			CloseHandle(hModSnap);
151 | 			return me.modBaseSize;
152 | 		}
153 | 	} while (Module32Next(hModSnap, &me));
154 | 
155 | 
156 | 	CloseHandle(hModSnap);
157 | 
158 | 	return 0;
159 | }
160 | 
161 | 
162 | /************************************************************************/
163 | /* This function enabled the debug privilege                            */
164 | /************************************************************************/
165 | void EnableDebugPrivilege()
166 | {
167 | 	TOKEN_PRIVILEGES	priv;
168 | 	HANDLE				hThis, hToken;
169 | 	LUID				luid;
170 | 
171 | 	hThis = GetCurrentProcess();
172 | 	OpenProcessToken(hThis, TOKEN_ADJUST_PRIVILEGES, &hToken);
173 | 	LookupPrivilegeValue(0, "seDebugPrivilege", &luid);
174 | 	priv.PrivilegeCount = 1;
175 | 	priv.Privileges[0].Luid = luid;
176 | 	priv.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
177 | 	AdjustTokenPrivileges(hToken, false, &priv, 0, 0, 0);
178 | 	CloseHandle(hToken);
179 | 	CloseHandle(hThis);
180 | }


--------------------------------------------------------------------------------
/UniPE/UniPE.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pgarba/UniPE/8da17f755b8dd1c765be35f4df62c4e606bc84e9/UniPE/UniPE.cpp


--------------------------------------------------------------------------------
/UniPE/UniPE.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>15.0</VCProjectVersion>
 23 |     <ProjectGuid>{AB1154AB-F889-4C0E-97EF-DD4EFF66FB4B}</ProjectGuid>
 24 |     <Keyword>Win32Proj</Keyword>
 25 |     <RootNamespace>UniPE</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0.10586.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>Application</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v141</PlatformToolset>
 33 |     <CharacterSet>NotSet</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>Application</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v140</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>NotSet</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>Application</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v141</PlatformToolset>
 46 |     <CharacterSet>NotSet</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>Application</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v141</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>NotSet</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <LinkIncremental>true</LinkIncremental>
 75 |     <IncludePath>../../unicorn\msvc\distro/include;$(IncludePath)</IncludePath>
 76 |     <LibraryPath>../../unicorn\msvc\distro/Win32;$(LibraryPath)</LibraryPath>
 77 |   </PropertyGroup>
 78 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 79 |     <LinkIncremental>true</LinkIncremental>
 80 |     <IncludePath>../../unicorn-1.0.1-win64/include;$(IncludePath)</IncludePath>
 81 |     <LibraryPath>../../unicorn-1.0.1-win64;$(LibraryPath)</LibraryPath>
 82 |     <EmbedManifest>false</EmbedManifest>
 83 |   </PropertyGroup>
 84 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 85 |     <LinkIncremental>false</LinkIncremental>
 86 |     <IncludePath>../../unicorn\msvc\distro/include;$(IncludePath)</IncludePath>
 87 |     <LibraryPath>../../unicorn\msvc\distro/Win32;$(LibraryPath)</LibraryPath>
 88 |   </PropertyGroup>
 89 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 90 |     <LinkIncremental>false</LinkIncremental>
 91 |     <IncludePath>../../unicorn-1.0.1-win64/include;$(IncludePath)</IncludePath>
 92 |     <LibraryPath>../../unicorn-1.0.1-win64;$(LibraryPath)</LibraryPath>
 93 |     <EmbedManifest>false</EmbedManifest>
 94 |   </PropertyGroup>
 95 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 96 |     <ClCompile>
 97 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
 98 |       <WarningLevel>Level3</WarningLevel>
 99 |       <Optimization>Disabled</Optimization>
100 |       <SDLCheck>true</SDLCheck>
101 |       <PreprocessorDefinitions>_CRT_SECURE_NO_WARNINGS;WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
102 |       <ConformanceMode>true</ConformanceMode>
103 |     </ClCompile>
104 |     <Link>
105 |       <SubSystem>Console</SubSystem>
106 |       <GenerateDebugInformation>true</GenerateDebugInformation>
107 |       <AdditionalDependencies>unicorn_static.lib;%(AdditionalDependencies)</AdditionalDependencies>
108 |     </Link>
109 |   </ItemDefinitionGroup>
110 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
111 |     <ClCompile>
112 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
113 |       <WarningLevel>Level3</WarningLevel>
114 |       <Optimization>Disabled</Optimization>
115 |       <SDLCheck>true</SDLCheck>
116 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions); _CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
117 |       <ConformanceMode>true</ConformanceMode>
118 |     </ClCompile>
119 |     <Link>
120 |       <SubSystem>Console</SubSystem>
121 |       <GenerateDebugInformation>true</GenerateDebugInformation>
122 |       <AdditionalDependencies>unicorn.lib;%(AdditionalDependencies)</AdditionalDependencies>
123 |       <UACExecutionLevel>HighestAvailable</UACExecutionLevel>
124 |       <UACUIAccess>false</UACUIAccess>
125 |       <EnableUAC>false</EnableUAC>
126 |     </Link>
127 |   </ItemDefinitionGroup>
128 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
129 |     <ClCompile>
130 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
131 |       <WarningLevel>Level3</WarningLevel>
132 |       <Optimization>MaxSpeed</Optimization>
133 |       <FunctionLevelLinking>true</FunctionLevelLinking>
134 |       <IntrinsicFunctions>true</IntrinsicFunctions>
135 |       <SDLCheck>true</SDLCheck>
136 |       <PreprocessorDefinitions>_CRT_SECURE_NO_WARNINGS;WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
137 |       <ConformanceMode>true</ConformanceMode>
138 |     </ClCompile>
139 |     <Link>
140 |       <SubSystem>Console</SubSystem>
141 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
142 |       <OptimizeReferences>true</OptimizeReferences>
143 |       <GenerateDebugInformation>true</GenerateDebugInformation>
144 |       <AdditionalDependencies>unicorn_static.lib;%(AdditionalDependencies)</AdditionalDependencies>
145 |     </Link>
146 |   </ItemDefinitionGroup>
147 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
148 |     <ClCompile>
149 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
150 |       <WarningLevel>Level3</WarningLevel>
151 |       <Optimization>MaxSpeed</Optimization>
152 |       <FunctionLevelLinking>true</FunctionLevelLinking>
153 |       <IntrinsicFunctions>true</IntrinsicFunctions>
154 |       <SDLCheck>true</SDLCheck>
155 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions); _CRT_SECURE_NO_WARNINGS</PreprocessorDefinitions>
156 |       <ConformanceMode>true</ConformanceMode>
157 |     </ClCompile>
158 |     <Link>
159 |       <SubSystem>Console</SubSystem>
160 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
161 |       <OptimizeReferences>true</OptimizeReferences>
162 |       <GenerateDebugInformation>true</GenerateDebugInformation>
163 |       <AdditionalDependencies>unicorn.lib;%(AdditionalDependencies)</AdditionalDependencies>
164 |       <UACExecutionLevel>HighestAvailable</UACExecutionLevel>
165 |       <UACUIAccess>false</UACUIAccess>
166 |       <EnableUAC>false</EnableUAC>
167 |     </Link>
168 |   </ItemDefinitionGroup>
169 |   <ItemGroup>
170 |     <ClInclude Include="UC_Windows.h" />
171 |   </ItemGroup>
172 |   <ItemGroup>
173 |     <ClCompile Include="UniPE.cpp" />
174 |   </ItemGroup>
175 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
176 |   <ImportGroup Label="ExtensionTargets">
177 |   </ImportGroup>
178 | </Project>


--------------------------------------------------------------------------------