[UnPackMe]Enigma 1.68 with Virtual Machine


Hello everyone:

This PE Optimizer 1.4 was packed by myself with Enigma 1.68.

Anti-Debugger, Check sum, File analyzer deception, Advance Import Protection and Virtual Machine were enabled.

I've selected several functions.

If you can unpack this file, please write a tut. You may send it to me. My email address is wuhanqi@qq.com.

I really want to learn about how to deal with the Virtual Machine.



PE Optim_EN_packed.rar

Good job, LCF-AT and -kNiGhT-!

But I still don't know the way you fixed the virtual machine.

Could you tell me some key points?


  • 2 weeks later...

How do you get around Olly crashing when it jumps to the DLL it extracts inside the exe's space?

004B26ED  8038 00          cmp byte ptr [eax], 0
004B26F0  74 65            je short 004B2757 ; jne
004B26F2  80BE B6160000 0> cmp byte ptr [esi+16B6], 0
004B26F9  74 4C            je short 004B2747
004B26FB  8D86 BD190000    lea eax, dword ptr [esi+19BD]

