Hi this is my first post hehe
First of all, sorry by my poor english , i'm Spanish

Well, the problem is that:
I've a program what is packed with Armadillo 2.20 (analyzed by PeID 0.92, no CopyMem2), the program is a Windows Installer, and when i run it, (it create a Armadillo.tmp, a DLL), i need a hardware key to continue with install (the Armadillo's fingerprint protection), and i found when it decides if the key is good or bad, i patch this, and it store the key in the registry successful, but then there is other password to continue install, and this is also in the Arm DLL...

I found where you must to patch to continue, and i patch it but the program has an exception (It tries to read from a unknown memory site), and program terminates...Any idea??

Thanks for all!
Ciao!!

Try to open your unpacked exe in a debugger and when it hits the exception you should examin the stack-view to get any clues where the last executed code is. If there is an address of a piece of code in the code-section of your target, then reload the process and set a breakpoint at the address you found. Then start it and when it hits the breakpoint, you keep hitting F7 and watch what is happening there and look for the cause of the exception. Solve this problem. It is probably an unresolved call to the parent-process you stripped, or to an unresolved IAT-entry, or you might just have missed something when you unpacked it.

Hope this helps (I ain't have much experience either)
Heathcliff

yeah, i know... but i don't unpack the program, because i can't find the OEP, i need first the KEy and password to can execeute installation normally, so i can't unpacked it .
And the exceptions happens when the program try to extract the installation


Well, I will looking for...

Thanks HeathCliff!

Ciao!