Custom made protection v1

[Guest Steve]

Difficulty : 6/10
Language : C#
Platform : Windows x32/x64
OS Version : All
Packer / Protector : Custom 

Description :

try to unpack my custom protector  It won't be easy(hmmm... I guess)

Screenshot :

UnpackME.rar

[SHADOW_UA]

Unpacked

Unpacked__.zip

Edited January 2, 2018 by SHADOW_UA
fix

[Guest Steve]

1 hour ago, SHADOW_UA said:

Unpacked

Unpacked__.zip

Wow. I increased my protection to maximum if you will have some time try to crack new file + native.

UnpackME2.rar

[Apuromafo]

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

[Guest Steve]

11 hours ago, Apuromafo said:

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

I don't like creating multiples threads about same file... I just added native + some protections and I want to know if @SHADOW_UA can easy  unpack it or not.

+If could he show me a way how he do that + what he used to unpack.

[Guest Steve]

On 3.01.2018 at 3:59 AM, Apuromafo said:

steve, why no create a new thread  for second unpackme?

protection 1->  compresion with mpress.net+net reactor 4.8+

protection 2->program native with winlicense/themida ..maybe can have more..

BR, Apuromafo CLS

 

I don't like creating multiples threads about same file... I just added native + some protections and I want to know if @SHADOW_UA can easy  unpack it or not.

+If could he show me a way how he do that + what he used to unpack.

 

well is someone here who could unpack it?

 

 

[Reza-HNA]

here is my try
only didn't removed cflow .

UnpackME2_.rar

Edited January 4, 2018 by Reza-HNA
nothing ;)

[Guest Steve]

44 minutes ago, Reza-HNA said:

here is my try
only didn't removed cflow .

UnpackME2_.rar

Wow. Can you tell me please what mark (1-10) you can give for my protection? Was it hard to unpack? and how did you exactly do that if I can ask?

[SHADOW_UA]

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

[collins]

17 hours ago, SHADOW_UA said:

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

Can you share your tool for clean cryptoobfuscator's constants ?  Look forward to.

Edited January 6, 2018 by collins

[barotyson]

On 5/1/2018 at 9:16 AM, SHADOW_UA said:

Full unpack with cleaned ctflow, next time create another thread if new unpackme posted.

Basically, you need to remove all protections layer by layer, for themida you need to dump module from memory, for cryptoobfuscator you need to clean constants manually by coding a simple tool, net reactor can be removed with de4dot, confuserex can be handled by CodeCracker tools (note that you need to fix it for ctflow).

 

UnpackME2_unp.zip

@SHADOW_UA can you hit me up in pm ? i cant pm you, i have a question .. thank you