[unpackme] Azure's Packer

[Azure]

My own packer... It's so easy... So, it's only a game... to relax yourself

There're some anti-debugger in it .... I believe you can unpack it ...

001.rar

Edited August 3, 2008 by Azure

[Sturgeon]

I don't look antidebug

unpack.rar

[pavka]

my dump

dump.rar

[Azure]

Well, Good ~~ Congratulations you win the game...

I don't look antidebug

unpack.rar

There're three anti-debugger in the file.... exactly, anti-Olly debugger...

Edited August 3, 2008 by Azure

[aztecx]

http://rapidshare.com/files/171160874/dump.exe.html

After stepping once just set hardware bp>onaccess>dword on first four bytes of ESP dump. Olly breaks just below the real OEP. Make new origin, dump debugged process and your done.

[Ox87k]

I guess it's only a false-positive 'coz my Nod32 popup with the red screen!

Anyway, good job and remember to try to improve it!

Edited December 8, 2008 by Ox87k

[by:70]

unpack.rar

unpack.rar

Edited December 8, 2008 by by:70

[Sp1d3rZ]

here is

dumped.rar

[Gushe]

Well,

one of the anti-debugs is OutputDebugStrinA, that's for sure.

I guess 401000 is OEP? Although ImpRec doesn't seem to be finding any imports. This was some random testing using unmodified Olly. Tomorrow I'm going to try find all the 3 anti-debugs. Just because I also like to learn do things manually. And I am still a noobie

[Glenntot]

didn't find anti-debug.. hope i dumped it right....i inserted the video...

unpacked.rar

[Gushe]

My unmodden Olly with no plugins enables keeps in Crashing though. Lots of acces violations errors, some single step events and loads of other exceptions seem to occur.