Safengine has released its Protector today.And Here is two UnPackMes.

 

"UnPackMe_se_220_Default.exe" is the default Protect option.

"UnPackMe_se_220_Mid_VMed_6Routine.exe" is My Packed which uses some other option etc.

 

Hope You can like it. If you have Unpacked it. Will you make something to be known to the public ?

 

 

UnPackMe_se_220.rar

Hi White,

Unpacking the default version is no problem so you just need to fix all API / Commands etc which you can do with a script etc.So the other one is almost the same but just with VMed main code as you already said.Here its a bit more harder if you need to keep the VM then you need to re-fix some intern stored APIs and create new Heap locations etc so for this you need a bit more time + testing later.Anyway so here my clean unpacked file.Just test and tell whether all is working.Maybe I send the unpacked VMed [have to test again] file soon.

greetz

UnPackMe_se_220_Default_Unpacked.rar

@LCF-AT

 

Nice Work,this default unpacked file works fine.As you said,I do spend  more time to make the unpacked file more nicer.

And I create a script for it ,but not for all files which is protected by each safengine version.Maybe some day's later,it will,also I hope.

Or some detail infos from you ,Your greatness.

Shielden does not offer an Anti dump. The anti dump feature is included in the paid version which is inside the VM. Here you can just fix the Api's in the VM and the target will run.