Sp1d3rZ Posted April 15, 2009 Posted April 15, 2009 Protection Options for TMD 2.0.5.0 UnPack ME.exe ------------------------------------------------ Macros Information ------------------ VM Macros: 0 CodeReplace Macros: 0 ENCRYPT Macros: 0 CLEAR Macros: 0 CHECK_PROTECTION Macros: 0 Protection Options ------------------ Anti-Debugger: Ultra Anti-Dumpers: ENABLED Entry Point Ofuscation: ENABLED Resource Encryption: ENABLED VMWare compatible: ENABLED API-Wrapping Level: Level 2 Anti-Patching: File Patch (sign support) Metamorph Security: ENABLED Memory Guard: ENABLED When Debugger Found: Display Message Application compression: ENABLED Resources compression: ENABLED SecureEngine compression: ENABLED Anti-File Monitor: ENABLED Anti-Registry Monitor: ENABLED Delphi/BCB form protection: ENABLED Virtual Machine Settings ------------------------ Number of Virtual APIs wrapped: 0 API Virtualization Level: 3 Entry Point Virtualization: 15 instructions Multi Branch Technology: DISABLED Virtual Machine Processor: Mutable CISC processor Number of CPUs: 1 Opcode Type: Metamorphic - Level 2 Dynamic Opcode: 20% Dynamic Advanced Protection Options --------------------------- Encrypt Application: ENABLED DLL plugin: DISABLED Hide from PE scanners: Type 3 .NET assemblies: ENABLED Active Context: DISABLED Add Manifest: XP Themes XBundler files -------------- No files to bundle IF U UNPACK IT, PLEASE WRITE A TUT TMD_2.0.5.0_UnPack_ME.rar
LCF-AT Posted April 15, 2009 Posted April 15, 2009 Hello,so you can also use my script to unpack your unpackMe.PS: One question - so I see after unpacking I have again to change the target mode to win 98 to get a working file.Its the same like in your older 20.30 unpackMe.Can someone tell me whether is there a special reason for this or is there just something to change in the PE Header to get this dump working without to enable the win 98 mode?Thanks. greetz
EvOlUtIoN Posted April 22, 2009 Posted April 22, 2009 veary easy indeed, simple VM used, and also vb programs are easier to unpack.
Sp1d3rZ Posted April 22, 2009 Author Posted April 22, 2009 veary easy indeed, simple VM used, and also vb programs are easier to unpack. SO! where is solved unpackme?
EmberTheVulpix Posted April 22, 2009 Posted April 22, 2009 SO! where is solved unpackme? See attached. tmd_2.0.5.0_unpack_me_dump__.rar
Sp1d3rZ Posted April 22, 2009 Author Posted April 22, 2009 SO! where is solved unpackme? See attached. OH ya AWESOME Work Cheers But see solving rulez...
EvOlUtIoN Posted April 23, 2009 Posted April 23, 2009 bah, i'll not write a tut on a so simple packed file. It was really too easy. Next time do not use vb and try to make an unpackme virtualizing some procedure and with a more complex VM.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now