This target is protected by Themida 2.3.1.0 with Macros

 

Virtualize VM macros with: TIGER 32 (Black)

 

Task: Unpack target and patch check

 

Good luck!

 

UnpackMe Themida 2.3.1.0 + Macros.rar

The "good boy" is tuts4you. Right ?

 

VM Addr : 00453DEA 

Edited August 10, 201411 yr by White、、

Hi again and thanks for a new UnpackMe,

 

why patching the check?Just enter right key "tuts4you" then it will accept it.

 

PS: Aha!New tiny AntiDump trick inside.

 

greetz

UnpackMe_Unpacked.rar

Yep.

Old tricks for OEP are still valid.

00454078    55              PUSH EBP

00454079    8BEC            MOV EBP,ESP

0045407B    83C4 F0         ADD ESP,-0x10

0045407E    B8 E83E4500     MOV EAX,UnpackMe.00453EE8

00454083    E8 8C20FBFF     CALL UnpackMe.00406114

00454088    A1 DC5F4500     MOV EAX,DWORD PTR DS:[0x455FDC]

0045408D    8B00            MOV EAX,DWORD PTR DS:[EAX]

0045408F    E8 C8E4FFFF     CALL UnpackMe.0045255C

00454094    8B0D BC604500   MOV ECX,DWORD PTR DS:[0x4560BC]          ; UnpackMe.00457B94

0045409A    A1 DC5F4500     MOV EAX,DWORD PTR DS:[0x455FDC]

0045409F    8B00            MOV EAX,DWORD PTR DS:[EAX]

004540A1    8B15 183C4500   MOV EDX,DWORD PTR DS:[0x453C18]          ; UnpackMe.00453C64

004540A7    E8 C8E4FFFF     CALL UnpackMe.00452574

004540AC    A1 DC5F4500     MOV EAX,DWORD PTR DS:[0x455FDC]

004540B1    8B00            MOV EAX,DWORD PTR DS:[EAX]

004540B3    E8 3CE5FFFF     CALL UnpackMe.004525F4

004540B8    E8 6700FBFF     CALL UnpackMe.00404124