Good morning! You're actually doing a lot of things right, and it's clear you're already familiar with modding and reverse engineering to some extent. Here's a breakdown of what's going on and how you might proceed from here.
---
Summary of the Situation
You're modding "Pixel Heroes: Tales of Emond".
You successfully pulled and extracted the APK split files.
Inside split_game_asset.apk, you found .lua and .lua64 files.
Opening them reveals what looks like binary or encrypted Lua, not plain Lua source.
You're unsure about how to decrypt or decompile these files.
---
What Youβre Likely Dealing With
Based on the .lua64 extension, the presence of unreadable binary data, and common practices in mobile games:
Possibility 1: Precompiled Lua (Bytecode)
Many games compile their .lua scripts into Lua bytecode (luac) to obscure source and speed up loading.
.lua64 might mean:
Lua bytecode compiled for Lua 5.3+ (64-bit)
Possibly customized VM or encrypted bytecode
.lua and .lua64 coexist because one might be a stub or debug file, while the other is the actual functional code.
Possibility 2: Encrypted Bytecode
To deter modding, devs often encrypt the bytecode, meaning even if you "decompile" it, it won't work without first decrypting.
---
How to Identify What's Going On
You can check the headers of .lua or .lua64 files using HxD or xxd:
1. Open a .lua64 file in HxD.
2. Check the first few bytes (header).
For example:
Lua 5.1 bytecode starts with: 1B 4C 75 61
Lua 5.3 starts with: 1B 4C 75 61 53 00 19 93 0D 0A
If you donβt see this and instead see STX, NUL, or garbled values, it's either:
Obfuscated or encrypted
Custom VM, not standard Lua
---
What You Can Try Next
1. Try Luadec / Unluac / LuaDecTools
These work only on standard Lua bytecode (no encryption or heavy obfuscation).
Unluac
LuaDec
Usage (for unluac):
java -jar unluac.jar yourfile.lua64
If it fails or says "not a valid chunk", it's probably encrypted.
---
2. Hook or Trace Lua at Runtime
If the game runs Lua at runtime (most likely), you can hook into the interpreter and dump decrypted Lua memory.
Options:
Frida (dynamic instrumentation toolkit)
Hook into Lua functions like luaL_loadbuffer or lua_pcall.
GameGuardian (on rooted Android)
Search memory for known strings to dump decrypted Lua.
---
3. Look for Decryption Logic in APK
In lib/ or assets/ or smali code:
Check for functions like:
decrypt()
loadBuffer()
luaL_loadstring()
luaL_loadbufferx()
You may find a native .so file (e.g., libgame.so) handling decryption.
Use IDA Free, Ghidra, or Jadx to inspect them.
---
Tools You Might Want
ToolUse
HxDHex analysis
Unluac / LuaDecDecompile standard Lua bytecode
FridaHook Lua runtime to dump decrypted scripts
JadxReverse APK Java code
IDA / GhidraReverse native .so libraries
GameGuardianMemory scanning on Android
---
Why .lua and .lua64 Together?
.lua may be empty/dummy/placeholder.
.lua64 contains the actual precompiled/encrypted content.
Devs may use this to support multiple architectures or versions.
You can compare file sizes and modification dates to confirm.
---
Suggestion
Start with checking if any .lua64 is standard Lua bytecode:
Try unluac or luadec.
If it fails, use Frida to hook and dump after decryption at runtime.
As a stretch goal, reverse the native .so file that might contain decryption routines.
---
If you'd like, I can help guide you through Frida scripting or analyzing a specific .lua64 file if you upload it. Let me know how deep you want to go with this.
Good luck modding!