XeNTaX

hello, theres a game called mario the music box remastered the uses a custom encrypted file format by the name of .ari i tried asking in the developers official discord server one person said that they and their friend made an exe that decrypts the file here's a quote on how they did it: "it uses some fiddling with the header and xor encryption" when i asked if could get access to it they said "no, thanks" here's the file: https://mega.nz/file/lAhkjTKI#x4QFGcNQr ... IvkSyvxmYg

If anyone responds i'll be happy.

So I've done a little research for this game. It turns out it's free to download on itch.io
https://teamari.itch.io/mario-the-music-box-remastered

In the readme file the authors revealed that they've used RPG MAKER XP Engine to create this game.
And if you'll check online, you'll see that this engine usually uses RGSSAD archives. Even if you'll create a new project in rpg maker and you'll export game files, you'll get "Game.exe" executable and *.rgssad archive as a result.
http://wiki.xentax.com/index.php/Enterb ... SAD_RGSS3A

You can even find a hint in the "Game.ini" file:
But "Team Ari" have used some custom tools as you can read in this twitter post
https://twitter.com/Team_Ari_Games/stat ... 1025684480
Here's the link to the encryptor they've probably used
https://github.com/ogniK5377/RPGMakerXpEncryptor

Your ARI archive doesn't have "RGSSAD" signature at the beginning, so I think thay've added some additional layer of encryption before releasing final version to the public. So now you could start analyzing main game's executable and search for decryption method. If it really uses XOR, then most of the code can be copied from github.

How should an rgssad signature should look like? I just redownloaded the game. Also this probably what they used to encrypt it: https://github.com/ogniK5377/RPGMakerXpCustomContainer

Couldn't find anything on how it uses it the thing, what i managed to find is the MZ string in the begging of the hex code i
highly doubt this is related rpg maker MZ but who knows

How should an rgssad signature should look like?

Like this:

what i managed to find is the MZ string in the begging of the hex code i
highly this is related rpg maker MZ but who knows

No, it's standard signature for windows executable http://wiki.xentax.com/index.php/Windows_Executable_EXE

Is it possible to overwrite the signature in the .ari file to a rgssad signature?

Yes, by reverse engineering decryption function and writing custom script/program to do it.

I don't even have a pc to do that.