kobalt Posted May 15, 2010 Posted May 15, 2010 Hi This Crackme could be a nice one VMP v2 protected (no packed) ZPRTC v1.4 Packed **Aspack signature is not as a protection CrackMe.zp.vmp.rar
LCF-AT Posted May 15, 2010 Posted May 15, 2010 Hi,hmmm so I get some bad AntiVirus message!HIDDENTEXT/CryptedSo this message is new for me so normaly I get just 2 other message's by the AntiVirus app which I can trust.What now?Trust or Trash?greetz
kobalt Posted May 15, 2010 Author Posted May 15, 2010 (edited) Hi, hmmm so I get some bad AntiVirus message! HIDDENTEXT/Crypted So this message is new for me so normaly I get just 2 other message's by the AntiVirus app which I can trust. What now?Trust or Trash? greetz Ooops the false positive in surely due to double layer protection, but the file is the same used in Asprtc+Enigma (wrong called hybrid Asprtc)a delphi free app. But maybe i have to change the protect scheme The Virus Total report is no so high 12% My Avast report it clean, someone else report or test? Edited May 15, 2010 by kobalt
LCF-AT Posted May 15, 2010 Posted May 15, 2010 Hi,ok so now I tried to unpack this too.1.- No VMP 2. -Again a first ASProtect layer.3.- ZProtect is the second layer + HWID easy check-4.- ZProtect used code VM5.- Resources fixedOk listen.Here is my first unpacked file but at the moment I have not fixed the code VM so I just added the VM section.Of course for me it works so far but I think it will not work on other systems before I fix the VMed code in the codesection.Anyway so just try this file to see whether it also works for you or not.Tell me your result.So if it not works then I need again to write a VM fixing script.Ok just try this first.greetzCrackMe.zp.vmp_Unpacked so Far.rar
kobalt Posted May 15, 2010 Author Posted May 15, 2010 LCF The file is running in my system (XP SP3). So i think, when i protect the file ( Previusly ZPT packed) with VMP doesnt apply any aditional protection So the only real protection layer remaining is ZPRT Asprtect is only as prevention AVs detections Anyway u have hit the target
LCF-AT Posted May 15, 2010 Posted May 15, 2010 Ah ok nice to hear this. So I use win XP No SP or SP1. So the VMed code is also simple so I just see that much calls are just redirected to VM....some tracing and come back into codesection where the normal address of the call should be.So you have not used the advanced VM which is much harder to fix. Better for me this time.So what comes next? greetz
Teddy Rogers Posted May 15, 2010 Posted May 15, 2010 The [unpackme] tag has been added to your topic title. Please remember to follow and adhere to the topic title format - thankyou! [This is an automated reply]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now