Jump to content
Tuts 4 You

[unpackme] Multi Unpackme+


Recommended Posts

Teddy Rogers

The [unpackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

Link to comment
Share on other sites


Stolen code was quite easy.. As well as the import redirection.

Still very nice unapckme.. But was too lazy to get around your debugger detection in olly..

So I hooked some stuff. ;)


Link to comment
Share on other sites


0040643C E8 CC340000 CALL UM++.0040990D

00406441 E8 DF0B0000 CALL UM++.00407025

00406446 E8 850A0000 CALL UM++.00406ED0

0040644B 83BD 0C4E0000 0>CMP DWORD PTR SS:[EBP+4E0C],0

00406452 74 07 JE SHORT UM++.0040645B

00406454 E9 10100000 JMP UM++.00407469

00406459 EB 01 JMP SHORT UM++.0040645C

0040645B 61 POPAD

0040645C ^ E9 9FABFFFF JMP UM++.00401000



Link to comment
Share on other sites

thx to all

yes stolen code & iat redirection is simple.

@quosego: can u tell me that stuff.


ok rlpack 1.2 + some changing + ...


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...