White Posted June 15, 2013 Posted June 15, 2013 Safengine has released its Protector today.And Here is two UnPackMes. "UnPackMe_se_220_Default.exe" is the default Protect option. "UnPackMe_se_220_Mid_VMed_6Routine.exe" is My Packed which uses some other option etc. Hope You can like it. If you have Unpacked it. Will you make something to be known to the public ? UnPackMe_se_220.rar
LCF-AT Posted June 16, 2013 Posted June 16, 2013 Hi White,Unpacking the default version is no problem so you just need to fix all API / Commands etc which you can do with a script etc.So the other one is almost the same but just with VMed main code as you already said.Here its a bit more harder if you need to keep the VM then you need to re-fix some intern stored APIs and create new Heap locations etc so for this you need a bit more time + testing later.Anyway so here my clean unpacked file.Just test and tell whether all is working.Maybe I send the unpacked VMed [have to test again] file soon.greetzUnPackMe_se_220_Default_Unpacked.rar 1
White Posted June 16, 2013 Author Posted June 16, 2013 @LCF-AT Nice Work,this default unpacked file works fine.As you said,I do spend more time to make the unpacked file more nicer. And I create a script for it ,but not for all files which is protected by each safengine version.Maybe some day's later,it will,also I hope. Or some detail infos from you ,Your greatness.
Lostin Posted June 16, 2013 Posted June 16, 2013 Shielden does not offer an Anti dump. The anti dump feature is included in the paid version which is inside the VM. Here you can just fix the Api's in the VM and the target will run. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now