Posted February 25, 201213 yr Find a printable string that the program would print ultimately. Have fun, firstly by unpacking Unpack.zip
February 25, 201213 yr The [unpackme] tag has been added to your topic title. Please remember to follow and adhere to the topic title format - thankyou! [This is an automated reply]
February 25, 201213 yr @ Ownage 1. What is that for a BullSh..!? 2. Send a unpackme with a normal description etc or leave the house! 3. Why do you send a dll as exe? 4. And whats this... Some hidden BS again? 5. bin200.dll 6. Also there is not much to unpack!Simple OEP and some cheap API RD 10001167 MOV EDI,1000B030 ; ASCII "netsvcs"1000122A PUSH 1000B238 ; ASCII "binary 200 problom"1000122F PUSH 1000B134 ; ASCII "bin200"10001234 PUSH 1000B030 ; ASCII "netsvcs"100013BC PUSH 1000B4B4 ; ASCII "WinStationTerminateProcess"100013C1 PUSH 1000B4A8 ; ASCII "winsta.dll"10001537 PUSH 1000B4D8 ; ASCII "b2"1000153C CALL DWORD PTR DS:[1000A018] ; ADVAPI32.RegisterServiceCtrlHandlerA0013F4E8 100019E4 /CALL to CreateServiceA from bin200.100019DE0013F4EC 0017B640 |hManager = 0017B6400013F4F0 1000B134 |ServiceName = "bin200"0013F4F4 1000B238 |DisplayName = "binary 200 problom"0013F4F8 000F01FF |DesiredAccess = SERVICE_ALL_ACCESS0013F4FC 00000010 |ServiceType = SERVICE_WIN32_OWN_PROCESS0013F500 00000002 |StartType = SERVICE_AUTO_START0013F504 00000001 |ErrorControl = SERVICE_ERROR_NORMAL0013F508 0013F660 |BinaryPathName = "%SYSTEMROOT%\System32\svchost.exe -k netsvcs"0013F50C 00000000 |LoadOrderGroup = NULL0013F510 00000000 |pTagId = NULL0013F514 00000000 |pDependencies = NULL0013F518 00000000 |ServiceStartName = NULL0013F51C 00000000 \Password = NULL greetz
February 25, 201213 yr Author Don't mark it as a bull****. You must find a password, that's all . Obviously I made it a little bit tricky, not like all the rest.
February 25, 201213 yr What for a password and for what and how to use the password?If you unpack the dll then you can run it with loaddll.exe normaly so there comes no message with "enter pass" or something.So better you explain the sense of your dll file.Give some more infos why to find a password and for what you can use it etc. greetz
March 2, 201213 yr @ Ownage So where are you baby? You did still not answer my question from my last reply! So I think you got some bad conscience or? So I see there are still some downloads of this Unpack.zip file from above.... @ others Better do not download and execute this file anymore!Its a bad one.Full of virus and it changes your windows services [service kill] so that you can re-install or repair your windows after restart.So I had check this. So lets say thank you together to Ownage for sending some useless BS. greetz
March 26, 201213 yr @ Ownage a little bit tricky " a little bit nasty" Edited March 26, 201213 yr by delldell
Create an account or sign in to comment