Armadillo in Polyphonic Wizard v3.5

While we have an active topic within reason, I'll pop my question in here.

I too have been trying to unpack an application that shows Armadillo 3.78 as the packer. I have found what I believe is the Entry point and used ollydump to dump the file. I'm stuck trying to use Imprec to rebuild the IAT, and seem to be getting no where fast. I've tried my best to use imprec with this packer, though I don't think I fully understand what to do. I can't run the dumped exe because of this, so I just opened it in olly to use imprec on the dumped file. Is this the correct way about going at this? Perhaps someone can help me with this subject.

Thank you.

Hi,

maybe this thread:
_http://forum.exetools.com/showthread.php?t=6664 -> Armadillo 4.xx standard unpacking by DappA
will help you .. covers IAT stuff ... i hope it works for you ...

_veDc

EDIT: Just deleted the not working URL Tag .. sorry ..

Quote:

Originally Posted by _veDc

Hi,

maybe this thread:
_http://forum.exetools.com/showthread.php?t=6664 -> Armadillo 4.xx standard unpacking by DappA
will help you .. covers IAT stuff ... i hope it works for you ...

_veDc

EDIT: Just deleted the not working URL Tag .. sorry ..

Though the IAT rebuild is completely different it seems, I'm not finding anything that is stated. I'll post an attachment for all to look at, maybe someone will enlighten me.

EDIT: Added required dll to the attachment.

hxxp://ollydbg.win32asmcommunity.net/index.php?action=vthread&forum=6&topic=1105

Finding the OEP isn't what I'm looking for. I can't figure out how to rebuild the IAT with the tutorial posted. The OEP for my attached file is 00029B73

Quote:

Originally Posted by AdamD

Finding the OEP isn't what I'm looking for. I can't figure out how to rebuild the IAT with the tutorial posted. The OEP for my attached file is 00029B73

Sorry AdamD i was Referring to the original post from codeX
btw yor attachment doesn't work