Jump to content
Tuts 4 You

PandaObfuscator, with custom VM


Recommended Posts

Difficulty : 2-3
Language : .NET
Platform : Windows
OS Version : Windows7+
Packer / Protector : PandaObfuscator (Modded Confuser) with Custom VM

Description :

Just basic UnpackMe, want to see if my obfuscator good/bad

Screenshot :



Link to comment
Share on other sites

  • 2 months later...

I'm cannot resolve the challenge yet, it's indeed very hard (at least for me). I would like just to know whether I've got the correct partial result or not.

I've managed to "dump" the key checking procedure, which locates on several non-contiguous pages (!?). The attached image is a part of it (I don't know how to capture all the function). I've found that there is a loop which reads each chararacter (input key is a wide string, each char is 2 bytes) by the instruction

movz ecx, [eax + ebx * 2]

the character is then checked with several values (e.g. "-", etc). But I still cannot go further.


Edited by tathanhdinh
code reformat
Link to comment
Share on other sites

  • 3 weeks later...
  • 1 year later...
  • 2 months later...
  • 6 months later...
On 9/5/2020 at 10:27 PM, tungtruong20xx said:

can u help me this method :(

sorry my english is bad
exe and runtime.dll


give me the file

Edited by deluxe
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...