Hi All

Does anyone knows how to defeat Execryptor 1.5.1...

I tried to unpack it with Olly (It's first packed with a modified version of UPX).. I found the original entrypoint but couldn't find the IAT...

So my question is : Is it possible to first unpack the UPX part and then go on ?

Other Info about this cryptor is also welcome...

ps. I've already tried to unpack it with Generic "UPX Unpacker by Bratalarm" but after succesfull unpacking it didn't run...

GR
MiniMind

If memory serves me correctly, evil unpacked it, I'm sure if you ask him nicely he will tell you all about it

I'm suspecting you may have mis-typed 'eval" as evil." "But who knows what evil lurks in the hearts of men." "The Shadow knows."

In any case, MiniMind, you appear not to have followed the directions in the FAQ mentioned in the BIG RED LETTERS at the top of the Forums. At least you have not indicated any effort at searching for the answer to your problem. Using "execryptor unpacking" without the quotes, I quickly found several interesting sources of information, including an OllyScript related to this target.

Regards,

I searched for it on this forum only 1 thread not very helpful.

I already found that script "Execryptor 1.5.x", but wasn't able to understand it... (script itself didn't work)

But I will search and read some more about OllyScript...

MiniMind

"I'm suspecting you may have mis-typed 'eval" as evil."
a slop of the funger

Happens to the bust o fus.

Regards,

don't need to unpack UPX first since OEP UPX will give will be for the Execryptor section .. if you know REAL OEP just dump from there set it with a PEeditor ... fix IAT ...same process for all packers/protectors, when you reach real OEP exe/.dll will be fully decrypted for most cases


Regards

Thanks I will work on it...