Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[unpackme] DTProtect 1.004 Unpackme

Xjun
Xjun
in UnPackMe

Featured Replies

Posted

DTProtect company is China Kunshan DiShui reverse Themida and VMProtect developed by the new shell! And added a new core technology!


 


 


 


 


UnpackMe.rar

This sould be like when it runs?


 


post-31931-0-27089300-1375335169.jpg

Edited by GIV

  • Author

attachicon.gifClipboard01.jpgThis sould be like when it runs?

Anti OD !

The [unpackme] tag has been added to your topic title.

Please remember to follow and adhere to the topic title format - thankyou!

[This is an automated reply]

Xjun, please can you follow the topic title format! Thanks...


 


Ted.


  • Author

@LCF-AT  You are the best


Anti OD !

No debuger was loaded.

  • Author

No debuger was loaded.

Please check the kernel hooks, shadow hooks, as well as your computer is turned on the debugger?

Hi Xjun,

ok your new unpackme does run now outside. :) Only a short while...

VirtualAllocGetSystemTimeSystemTimeToFileTime---------------ZwQueryInformationThreadLoadLibraryAMessageBoxAZwTerminateProcess---------------VirtualFree0012FCC8   006154AD  /CALL to VirtualFree from Testpiao.006154AA0012FCCC   014D0000  |Address = 014D00000012FCD0   00000000  |Size = 00012FCD4   00008000  \FreeType = MEM_RELEASE014D0000  JMP 0061A1CF   ; Custom SEH chain.....00617D14  JMP EDXQueueUserAPCQueryPerformanceCounterQueryPerformanceFrequencySleepEx0012FCCC   0060B7BC  /CALL to SleepEx from Testpiao.0060B7B90012FCD0   00000000  |Timeout = 0. ms0012FCD4   00000001  \Alertable = TRUELoadLibraryAMessageBoxAZwTerminateProcess
So the file need a lot time to run and the code seems also be executed in realtime only.Some kind of VMed of anything.Nice idea [bad or me] but this protection seems also to be very unstable to run normaly and does also hang completly after a very short while [popup new messagebox xy and exit] so how should anyone use the target then you know?Also in taskmanager it used the most memory of all my running processes and the target is only a little window with one button. :) Don't wanna know how much memory it will need if you protect any real targets etc.So I don't think that this protector has any future [maybe I am wrong with this opinion].Anyway,so it seems not be a protector for me for unpacking if the whole code was VMed.

greetz

Create an account or sign in to comment

Go to topic listing

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.