EXECryptor

[softworm]

Do you have any target or unpackme protected by Execryptor2.0?
I tried it on my pc and always get a crashed result with the protected
program.

Unpacking the packer itself is too time-comsuming and difficult to me.
It used TLS callback function to get control before reaching the EP,so
you must set the breakpoint at right time.

I had posted a unpackme in kanxue studio,but no one can unapck it

try

http://bbs.pediy.com/showthread.php?s=&threadid=3707

this one is packed by full version

[softworm]

OK,I'll try,I hope i'm lucky enough.

And the guy named moon seemed to
have got it?

[softworm]

I can trace it only with spare time and it might cost
a long time for me. I'm not sure if i can do it.

At first i wish to unpack it rapidly with some
trick like memory access breakpoint and failed. It
seemed that the whole entry codes have
been moved into the packer.

My target now is to find out how the control
was given to the original program,and did not pay
attention to the IAT yet.

I ignored TLS callback function 0 now. I'm tracing
function 1 but not finished. It's not difficult to
write a script to pass through function0,function1
and stop at packer's EP,it can run happily under
OllyDbg,so the problem is patience and time.
and it has no any junk code,good news.

I'll spend my holiday soon. But I won't give up.

regards.

[softworm]

Got it.

[Jay]

execryptor is b**** congratz.

[MaRKuS-DJM]

you are right, it's useless without description.
how you get OEP from the other poster:
load program into olly
olly will stop in an exception. set memory-breakpoint on code-section. skip all exceptions with SHIFT+F9. the fourth stop is the OEP from the above poster.