Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Unpackme] Nefarious UnCryptme

Rompope
Rompope
in UnPackMe

Featured Replies

Posted

Your Mission if you choose Unpack this file and tell me the original OEP and original File Size. some things to consider: anti olly if you can bypass this please tell me how;) , anti dumping and a few other things let me know!

PS. most of the file size is the chiptune converted to c++ table array (adds to the encryption bigger the file = more encryption :P

ps:

attach to process example

24pc9k1.jpg

Sorry a little drunk right now maybe this is simple for you to bypass but let me know

PS. I am Nefarious

PS. The File size is higher now then it is Uncryptedme

NefariousUnCryptMe.zip

Edited by Rompope

OEP :0040365E

SIZE :61,440

Unpack_NefariousUnCryptMe.rar

Edited by sdy100

  • Author

Can you supply unpacked file?

  • Author

was it even a challenge or a peice of cake.. looking at the time stamp I think it took you more then 5 or 10 minutes?

004050A0 D0 50 00 00

004050A4 00 F0 00 00 ?...?.?.

004050D0 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 MZ?........

004050E0 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ?......@.......

004050F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

00405100 00 00 00 00 00 00 00 00 00 00 00 00 F0 00 00 00 ............?..

00405110 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 ?.???L?Th

00405120 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F is program canno

00405130 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 t be run in DOS

00405140 6D 6F 64 65 2E 0D 0D mode...

004050A4 F000 ==Size

:gathering:

help

bp SetHandleCount

69101653lt3.th.jpg

Edited by by:70

here it is unpacked original one...

4 simple steps.

1. Get address of first unformatted (encrypted) resource data (here will be the file)

2. Run program till resource is decrypted (or run totally no problem at all)

3. Make a raw dump of whole program

4. Dump with lordpe the first unformatted resource data, it is original file...runs perfectly untouched.

Size and OEP are the ones exactly of attached file

There are more than one method to unpack it, but this is undoubtely the easiest one.

unpacked_ok.rar

Edited by EvOlUtIoN

here it is unpacked original one...

4 simple steps.

1. Get address of first unformatted (encrypted) resource data (here will be the file)

2. Run program till resource is decrypted (or run totally no problem at all)

3. Make a raw dump of whole program

4. Dump with lordpe the first unformatted resource data, it is original file...runs perfectly untouched.

Size and OEP are the ones exactly of attached file

There are more than one method to unpack it, but this is undoubtely the easiest one.

thank you :lol:

:gathering:

help

bp SetHandleCount

69101653lt3.th.jpg

What do you mean? :wacko:

lol :lol:

Edited by CtF

help

  • Author

awww Help I can't breath!

help

bp SetHandleCount

For me it doesn't take any sense.

Help for what?

It is not a real packer, just grab original file and dump it in any way you want, what else?

Make a description of your difficulty so i can help...

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.