GamingMasteR
February 24th, 2009, 08:01
This package is intended to fill the vacuousness that turns around
the great ExeCryptor.
It's was born as an essay to understand EC internals and how it
greatly do its job.
This whole project was initiated by a dummy-extremely important
article about the PRN generating and tools coding. (I'll not go out
of any one's way by my chitchat so just forget this).
Ok, now the turn of interesting things, The whole stuff will a
series, and will be divided to 3 or 4 parts due to time impediments.
And I'll publish in each part what I accomplish and comment.
You will find in this package the following files:
+ EC LDE : EC length disasm internal engine.
+ EC_LIB_API_PROCS : Various procedures used by EC to protect API
and LIBS use. It contains:
- EC_GETKERNEL32HANDLE -> The way it grabs kernel32 lib image
base.
- EC_GETPROCADDRESS -> The way it gets API addresses.
- EC_REDIR_BP_CHECKER -> The technique it uses to check API BP
and redir.
+ EC_VIRTUAL_MACHINE : The MUST, it's EC Virtual Machine Engine and
some tools to reverse it.
+ STRINGS DECRYP-RECRYPTER : EC method to not leave string traces
in code.
With every project you will find tutorial, source code, and tools
so you can study what you want.
Download Link :
http://rapidshare.com/files/201952892/EC_MEGA_PROJECT.rar
Zool@nder of AT4RE
the great ExeCryptor.
It's was born as an essay to understand EC internals and how it
greatly do its job.
This whole project was initiated by a dummy-extremely important
article about the PRN generating and tools coding. (I'll not go out
of any one's way by my chitchat so just forget this).
Ok, now the turn of interesting things, The whole stuff will a
series, and will be divided to 3 or 4 parts due to time impediments.
And I'll publish in each part what I accomplish and comment.
You will find in this package the following files:
+ EC LDE : EC length disasm internal engine.
+ EC_LIB_API_PROCS : Various procedures used by EC to protect API
and LIBS use. It contains:
- EC_GETKERNEL32HANDLE -> The way it grabs kernel32 lib image
base.
- EC_GETPROCADDRESS -> The way it gets API addresses.
- EC_REDIR_BP_CHECKER -> The technique it uses to check API BP
and redir.
+ EC_VIRTUAL_MACHINE : The MUST, it's EC Virtual Machine Engine and
some tools to reverse it.
+ STRINGS DECRYP-RECRYPTER : EC method to not leave string traces
in code.
With every project you will find tutorial, source code, and tools
so you can study what you want.
Download Link :
http://rapidshare.com/files/201952892/EC_MEGA_PROJECT.rar
Zool@nder of AT4RE
