Jump to content
Tuts 4 You

[UnPackMe]Enigma 1.68 with Virtual Machine


wuhanqi

Recommended Posts

Hello everyone:

This PE Optimizer 1.4 was packed By myself with Enigma 1.68.

Anti-Debugger.Check sum. File analyzer deception. Advance Import Protection And Virtual Machine were enabled.

I've selected several functions.

If you can unpack this file. Please write a tut. You may send it to me. My email address is wuhanqi@qq.com.

I really want to learn about how to deal with the Virtual Machine.

Thanks.

wuhanqi.

PE Optim_EN_packed.rar

Link to comment

Hello:

Good JOBS! LCF-AT and -kNiGhT-!

But i still don't know the way you fixed the virtual machine.

Could you tell me some key points?

thx.

Edited by wuhanqi
Link to comment
  • 2 weeks later...

How do you get around olly crashing when it jumps to the dll it extracts inside the exes space?

004B26ED 8038 00 cmp byte ptr [eax], 0

004B26F0 74 65 je short 004B2757 ; jne

004B26F2 80BE B6160000 0>cmp byte ptr [esi+16B6], 0

004B26F9 74 4C je short 004B2747

004B26FB 8D86 BD190000 lea eax, dword ptr [esi+19BD]

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...