|
|
|
|
#1
10-11-2015, 00:45
|
||||
|
||||
|
So from your picture i see that the differences come from the MZ header area (1), Section names (2), some author removed (3).
If the unpack is done correct the resources should be there and they can be manipulated except if a resource protection is used (encrypted or placed outside the main Virtual Space of the executable - in case of some protectors). Edit: Is a simple file to unpack and the file resources can be altered also. The OEP is a little bit lower than the end of the packer stub. Code:
0041005E > 6A 00 PUSH 0x0 00410060 E8 7BFC0100 CALL super_pi.0042FCE0 See the "About" menu. Edit 2. I get the kkruchy homepage and grab the packer: Quote:
Quote:
The unpacked file must be corrected in the size of sections . You can do that by yourself. 
Last edited by giv; 10-11-2015 at 01:32. 
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| New Executable Debugger | lucky7456969 | General Discussion | 0 | 02-24-2004 13:14 |
| Dos executable | cAtA | General Discussion | 3 | 05-20-2003 08:49 |
Hybrid Mode
