[UnpackMe] - iChallengeYou UnpackMe #2

Posted December 27, 201410 yr

This one should a little bit harder then the previous one. Still no xp support yet.

Goodluck

1. Gold: SmilingWolf

2. Silver: GIV

3. Bronze: ...

iChallengeYou UnpackMe #2.rar

Edited December 28, 201410 yr by iChallengeYou

December 27, 201410 yr

Dirty unpacked, might update later with a cleaner one.

EDIT: did it and updated the attachment

Now the unpacked is half the size of the packed file

iChallengeYou UnpackMe #2_cleanup.7z

Edited December 27, 201410 yr by SmilingWolf

December 27, 201410 yr

Author

Damn, that is really fast SmilingWolf! Seems you won the gold medal

So how did you do this so fast? Did you traced all the code, or did you used api's to find the oep?

December 27, 201410 yr

- Break on system breakpoint

- MEMBP on execution on the first .aspack section

- Unpack AsPack

- When I see all the ugly code i chicken out and put a MEMBP on execution on the .text section

- run, reach the OEP, dump, fix the imports

- Be a good housewife and do the cleanings

Done!

Edited December 27, 201410 yr by SmilingWolf

December 27, 201410 yr

Author

Thanks for the little tutorial & well done!

December 28, 201410 yr

Damn, that is really fast SmilingWolf! Seems you won the gold medal

So how did you do this so fast? Did you traced all the code, or did you used api's to find the oep?

Easy enough.

OEP is clear and easy to find.

Imports clear.

Just kill the TLS after unpack.

dump_IF.7z

December 28, 201410 yr

Is unpacked under XP.

So it runs under XP.

Create an account or sign in to comment

https://forum.tuts4you.com/topic/36604-unpackme-ichallengeyou-unpackme-2/

Followers

Go to topic listing

Sign In

[UnpackMe] - iChallengeYou UnpackMe #2

Featured Replies

Create an account or sign in to comment

Account

Navigation

Search

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)