# 10 — Tool: GM Decompiler v2.1

**Artifact**: `gmdecompiler_v2_1.jar`
**Language**: Java (closed source)
**Target**: GameMaker 5.3a through 7.0
**Method**: Static algorithmic XOR-key derivation

Released after GMD-Recovery. Wider version coverage. Pure static — never executes the target binary.

## Approach

- Reads the target `.exe` from disk only.
- Locates EOF offset where appended payload begins.
- Mathematically derives the static XOR seed used for that engine version's encryption layer.
- Decrypts and writes a clean `.gmd` (or `.gm6`) without ever loading the runner into memory.

## Strengths

- **Safe** — no execution = no malware risk. Use on untrusted binaries.
- **Automatable** — pure file-in / file-out. Fits CI / batch scripts.
- **Cross-platform** — Java, runs anywhere with a JRE.
- **Wide version range** — covers 5.3a through 7.0 with one tool.

## Weaknesses

- Defeated by outer packers (UPX, custom anti-tamper). The packer encrypts the runner's machine code on disk, so the static derivation has nothing to chew on. → fall back to dynamic ([09-tool-gmd-recovery](09-tool-gmd-recovery.md)).
- Closed source — can't audit or extend.

## Use first when

- Binary is untrusted.
- Host is non-Windows or no XP VM available.
- Batch / scripted extraction needed.

## See also

- [09-tool-gmd-recovery](09-tool-gmd-recovery.md) — dynamic fallback
- [02-encryption](02-encryption.md)
- [15-extraction-pipeline](15-extraction-pipeline.md) — Rank 2 method