Jump to content
Tuts 4 You

UnpackMe 01 Eddy^Protector


0X7C9

Recommended Posts

Language : C#
Platform : Windows (7,8,10) (x32) 
OS Version :  Windows 7,8,10 (No virtual machine!!!)
Packer / Protector : Eddy^Protector 1.0.5

Description :

Hello all. I want introduce my hard work. Please try, run and unpack this challenge. Its not confuserEx another mod. Only experienced reverser can unpack this. Sorry if not working for you. For me works, and on many stable OS´s too.

And if you have error (0xc00000005) , simply run again ;) it works on next try.. Sorry i have no time to solve that memory leak.

Good luck!

AV scan: https://www.hybrid-analysis.com/sample/a5f287aeda9145572209fba0738aa6249ab5569f82a705dad73aca5f099f8a5d/5c5355307ca3e13a9e049b1b

Screenshot :

 

 

$input.31.01.2019 19-03-37_lastest.zip

UnpackMe [EDDY^CZ 2019]_.jpg

Edited by Eddy^CZ
Link to comment
Share on other sites

I can confirm this work (after 2nd, run first was (0xc00000005) as the user mentioned)

image.png.8dabb8df5b8faaf134f6466ff96ee44c.png

 

Edited by SkyCityCZ
put 1st instead of second fix
  • Thanks 1
Link to comment
Share on other sites

I do not recommend to run Eddy's crackmes. If you ran these I recommend you to check your: "Appdata\Local\Microsoft\Host Process for Windows Services"
because there shouldn't be a folder. I had a file there called "scvhost.exe" inside "Host Process for Windows Services" which was packed with something called !Eddy

 
 
 
Link to comment
Share on other sites

4 hours ago, Zyhes said:

I do not recommend to run Eddy's crackmes. If you ran these I recommend you to check your: "Appdata\Local\Microsoft\Host Process for Windows Services"
because there shouldn't be a folder. I had a file there called "scvhost.exe" inside "Host Process for Windows Services" which was packed with something called !Eddy

 
 
  

native stub, managed file : he needed to drop the file on disk somewhere hidden ; i doubt there is anything malicious about that file, but it worth a look !

  • Thanks 1
Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...