[unpackme] by HSN.C3r

[HSN.C3r]

features:

-packer section is obfuscated

-"code" section is protected

-No OEP obfuscate

-imports redirected

-compatible with Win XP sp2,sp3 .(may not work on vista and win7)

level: medium ----- (please vote)

unpackme.rar

Edited February 26, 2010 by HSN.C3r

[pavka]

level: 0

script

var pntwr

var iatst

var iatend

var fp

var fn

var oep

mov pntwr,5695E8

mov iatst,00451118

mov iatend,004516D4

mov oep,pntwr+3D

bphws pntwr, "x"

bphws oep, "x"

loop:

erun

cmp eip,pntwr

jne oepfind

mov fn,[esp+1C]

cmp [iatst],ebx

jne zoend

mov [iatst],fn

add iatst,4

jmp loop

zoend:

cmp iatst,iatend

jg oepfind

cmp [iatst],0

jne oepfind

add iatst,4

mov [iatst],fn

add iatst,4

jmp loop

oepfind:

pause

sti

mov oep,[eip+2D]

mov eip,oep

MSG "Oep Faund import fixed"

ret

/>http://rapidshare.com/files/352784852/unpackmeU_.rar

Edited February 19, 2010 by pavka

[HSN.C3r]

Good job,Unpacked file works fine.

Edited February 19, 2010 by HSN.C3r

[LCF-AT]

Hi,

yes unfortunately the unpackme does not run on XP without any SP.So what was it....Poly Crypt?

greetz

[Ronar22]

Unpacked,I hope it works for all.

UnPacked.rar