Support latest CO build

de4dot.code/deobfuscators/CryptoObfuscator/AntiDebugger.cs

@@ -62,7 +62,8 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 				if (DotNetUtils.getPInvokeMethod(type, "kernel32", "GetProcAddress") == null)
 					continue;
 				deobfuscate(method);
-				if (!containsString(method, "debugger is activ"))
+				if (!containsString(method, "debugger is activ") &&
+					!containsString(method, "debugger is running"))
 					continue;
 
 				antiDebuggerType = type;

de4dot.code/deobfuscators/CryptoObfuscator/ProxyDelegateFinder.cs

@@ -127,7 +127,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 		MethodDefinition getProxyCreateMethod(TypeDefinition type) {
 			if (DotNetUtils.findFieldType(type, "System.ModuleHandle", true) == null)
 				return null;
-			if (type.Fields.Count < 1 || type.Fields.Count > 5)
+			if (type.Fields.Count < 1 || type.Fields.Count > 6)
 				return null;
 
 			MethodDefinition createMethod = null;

de4dot.code/deobfuscators/CryptoObfuscator/ResourceDecrypter.cs

@@ -300,6 +300,8 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 					return method;
 				if (DotNetUtils.isMethod(method, "System.Byte[]", "(System.Int32,System.IO.Stream)"))
 					return method;
+				if (DotNetUtils.isMethod(method, "System.Byte[]", "(System.Int16,System.IO.Stream)"))
+					return method;
 			}
 			return null;
 		}

de4dot.code/deobfuscators/CryptoObfuscator/TamperDetection.cs

@@ -84,7 +84,7 @@ namespace de4dot.code.deobfuscators.CryptoObfuscator {
 
 			if (!method.IsStatic || !DotNetUtils.isMethod(method, "System.Void", "()"))
 				return false;
-			if (type.Methods.Count < 3 || type.Methods.Count > 7)
+			if (type.Methods.Count < 3 || type.Methods.Count > 8)
 				return false;
 			if (DotNetUtils.getPInvokeMethod(type, "mscoree", "StrongNameSignatureVerificationEx") != null) {
 			}