[unpackme] themida 2.4

Posted September 1, 200915 yr

hi. Here is a new unpackme protected with themida 2.4

WITH MASTERPIECE you ENTOURAGE am

unpack_me.rar

September 1, 200915 yr

themida 2.4? never heard about it.

September 1, 200915 yr

Hi,

so it

September 1, 200915 yr

Yeah, it is probably 2.0.4.0 or 2.0.5.0, also latest antidump are not present (and useless since after OEP VM is never executed).

Anyway here is unpacked and rebuilt file, except .mackt section and some realign this is just like original one.

Themida sections are gone, OEP is fully rebuilt.

unpacked_final.zip

Edited September 1, 200915 yr by EvOlUtIoN

September 3, 200915 yr

Hi,
so it

September 3, 200915 yr

Hi,

Remove the access violation hook {also the customs if set} and let the unpacked file run from the VM OEP.Now you will break at the AV.Now have a look at the pane window and register there you can see the address what it tries to read.So you will see the mem_address+DWORD is not there in your unpacked file so you have to fix this one with the right DWORD so the mem_address is not important in this case.Now if you not have closed your first Olly then have a look at the mem_address and see the right DWORD which you need for your unpacked file.You can also find this mem_address in your unpacked file in the TM section.So in this unpackme the address is dynamic and in other app

Create an account or sign in to comment

https://forum.tuts4you.com/topic/21043-unpackme-themida-24/

Followers

Go to topic listing

Sign In

[unpackme] themida 2.4

Featured Replies

Create an account or sign in to comment

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)