squalito
June 29th, 2008, 10:15
Hello,
I'm looking for some informations about Xenocode. How it works, what solutions exists to unpack, etc.
In fact, what I've found is that xenocode pack the exe and the dll. Then at runtime it unpack them in memory (surely with also the virt machine)
I've been able to unpack the exe and the dll but I've done this from a bad way I think (I looked for MZ in memory map)
Also the obfuscation is well done, and I had a lot of pbms to find my way.
Finally I've been able to create a Keygen, but one more time I've done this using a long and bad way.
So do you have some informations of how we could unpack xenocode ?
ps: The LibX tool doesn't work with last xencode verison, and I don't want to use an unpacker but rather find a good/general way to upack xenocode
The idea behind this is to rip xenocode functions, and maybe create an unpacker..
So all informations that could put me on the good way are welcome
Thanks by advance
I'm looking for some informations about Xenocode. How it works, what solutions exists to unpack, etc.
In fact, what I've found is that xenocode pack the exe and the dll. Then at runtime it unpack them in memory (surely with also the virt machine)
I've been able to unpack the exe and the dll but I've done this from a bad way I think (I looked for MZ in memory map)
Also the obfuscation is well done, and I had a lot of pbms to find my way.
Finally I've been able to create a Keygen, but one more time I've done this using a long and bad way.
So do you have some informations of how we could unpack xenocode ?
ps: The LibX tool doesn't work with last xencode verison, and I don't want to use an unpacker but rather find a good/general way to upack xenocode
The idea behind this is to rip xenocode functions, and maybe create an unpacker..
So all informations that could put me on the good way are welcome
Thanks by advance