Arting Posted August 9, 2014 Posted August 9, 2014 This target is protected by Themida 2.3.1.0 with Macros Virtualize VM macros with: TIGER 32 (Black) Task: Unpack target and patch check Good luck! UnpackMe Themida 2.3.1.0 + Macros.rar
White Posted August 10, 2014 Posted August 10, 2014 (edited) The "good boy" is tuts4you. Right ? VM Addr : 00453DEA Edited August 10, 2014 by White、、
LCF-AT Posted August 10, 2014 Posted August 10, 2014 Hi again and thanks for a new UnpackMe, why patching the check?Just enter right key "tuts4you" then it will accept it. PS: Aha!New tiny AntiDump trick inside. greetz UnpackMe_Unpacked.rar 2
GIV Posted August 11, 2014 Posted August 11, 2014 Yep.Old tricks for OEP are still valid. 00454078 55 PUSH EBP 00454079 8BEC MOV EBP,ESP 0045407B 83C4 F0 ADD ESP,-0x10 0045407E B8 E83E4500 MOV EAX,UnpackMe.00453EE8 00454083 E8 8C20FBFF CALL UnpackMe.00406114 00454088 A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 0045408D 8B00 MOV EAX,DWORD PTR DS:[EAX] 0045408F E8 C8E4FFFF CALL UnpackMe.0045255C 00454094 8B0D BC604500 MOV ECX,DWORD PTR DS:[0x4560BC] ; UnpackMe.00457B94 0045409A A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 0045409F 8B00 MOV EAX,DWORD PTR DS:[EAX] 004540A1 8B15 183C4500 MOV EDX,DWORD PTR DS:[0x453C18] ; UnpackMe.00453C64 004540A7 E8 C8E4FFFF CALL UnpackMe.00452574 004540AC A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 004540B1 8B00 MOV EAX,DWORD PTR DS:[EAX] 004540B3 E8 3CE5FFFF CALL UnpackMe.004525F4 004540B8 E8 6700FBFF CALL UnpackMe.00404124
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now