Arting Posted August 9, 2014 Share Posted August 9, 2014 This target is protected by Themida 2.3.1.0 with Macros Virtualize VM macros with: TIGER 32 (Black) Task: Unpack target and patch check Good luck! UnpackMe Themida 2.3.1.0 + Macros.rar Link to comment Share on other sites More sharing options...
White Posted August 10, 2014 Share Posted August 10, 2014 (edited) The "good boy" is tuts4you. Right ? VM Addr : 00453DEA Edited August 10, 2014 by White、、 Link to comment Share on other sites More sharing options...
LCF-AT Posted August 10, 2014 Share Posted August 10, 2014 Hi again and thanks for a new UnpackMe, why patching the check?Just enter right key "tuts4you" then it will accept it. PS: Aha!New tiny AntiDump trick inside. greetz UnpackMe_Unpacked.rar 2 Link to comment Share on other sites More sharing options...
GIV Posted August 11, 2014 Share Posted August 11, 2014 Yep.Old tricks for OEP are still valid. 00454078 55 PUSH EBP 00454079 8BEC MOV EBP,ESP 0045407B 83C4 F0 ADD ESP,-0x10 0045407E B8 E83E4500 MOV EAX,UnpackMe.00453EE8 00454083 E8 8C20FBFF CALL UnpackMe.00406114 00454088 A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 0045408D 8B00 MOV EAX,DWORD PTR DS:[EAX] 0045408F E8 C8E4FFFF CALL UnpackMe.0045255C 00454094 8B0D BC604500 MOV ECX,DWORD PTR DS:[0x4560BC] ; UnpackMe.00457B94 0045409A A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 0045409F 8B00 MOV EAX,DWORD PTR DS:[EAX] 004540A1 8B15 183C4500 MOV EDX,DWORD PTR DS:[0x453C18] ; UnpackMe.00453C64 004540A7 E8 C8E4FFFF CALL UnpackMe.00452574 004540AC A1 DC5F4500 MOV EAX,DWORD PTR DS:[0x455FDC] 004540B1 8B00 MOV EAX,DWORD PTR DS:[EAX] 004540B3 E8 3CE5FFFF CALL UnpackMe.004525F4 004540B8 E8 6700FBFF CALL UnpackMe.00404124 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now