IAT rebuilding for unknown packer ??


SilSaLaMaTa
August 27th, 2002, 10:17
Hi,
There is a prog at: ftp://ftp.douran.com/packages/isputil/download/ispengine.zip
FileName: ispengine.exe

PEiD didn't recognize what packer it is.
I unpacked the prog (OEP at 46AE5C), found the IAT at 75000, size = 99C.
Some imports are not found, and I can't find them using SoftICE.
I tried ImpREC switch loader, but the prog doesn't run.
I can't find out what the error is; can anyone help me?

SilSaLaMaTa
August 27th, 2002, 12:07
I traced the prog; it seems that it has some kind of section checking. I don't know, it's comparing section names and a lot more that I can't understand.

snaker
August 27th, 2002, 14:49
ispengine.exe - 0x47d1cc
ispengine_srv.exe - 0x474c7c

I think these are the correct entrypoints... I got correct import tables corresponding to them using ImpREC as well...

About the packer, it is a modified version of ASPack; the OEP jump code is the same, the outer decryption layer seems a bit different. Maybe a derived packer...

SilSaLaMaTa
August 27th, 2002, 18:07
Hi snaker,

Your OEP for ispengine.exe looks strange.
In my dumped file, the bytes at 47d1cc are: 60,E8,46,00,00,00,00,00,68,...
It's not like the OEP... I don't know. I put a BPM, sice didn't break.
I think it's packed twice with its packer (ASPack).
I can't fix it. If your file is working, please send it to my email (SilSaLaMaTa@Yahoo.com); I'll work on your file to see the difference.