wuhanqi Posted July 25, 2009 Posted July 25, 2009 Hello everyone:This PE Optimizer 1.4 was packed By myself with Enigma 1.68.Anti-Debugger.Check sum. File analyzer deception. Advance Import Protection And Virtual Machine were enabled.I've selected several functions.If you can unpack this file. Please write a tut. You may send it to me. My email address is wuhanqi@qq.com.I really want to learn about how to deal with the Virtual Machine.Thanks.wuhanqi.PE Optim_EN_packed.rar
LCF-AT Posted July 25, 2009 Posted July 25, 2009 Hello,here my unpacked file.Test it.greetzPE Optim_EN_packed_Unpacked.rar
wuhanqi Posted July 26, 2009 Author Posted July 26, 2009 (edited) Hello:Good JOBS! LCF-AT and -kNiGhT-!But i still don't know the way you fixed the virtual machine.Could you tell me some key points?thx. Edited July 26, 2009 by wuhanqi
high6 Posted July 27, 2009 Posted July 27, 2009 How do you get around olly crashing when it jumps to the dll it extracts inside the exes space?
xuhw Posted August 4, 2009 Posted August 4, 2009 How do you get around olly crashing when it jumps to the dll it extracts inside the exes space?004B26ED 8038 00 cmp byte ptr [eax], 0004B26F0 74 65 je short 004B2757 ; jne004B26F2 80BE B6160000 0>cmp byte ptr [esi+16B6], 0004B26F9 74 4C je short 004B2747004B26FB 8D86 BD190000 lea eax, dword ptr [esi+19BD]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now