Hiya,
I can't really help with any details yet, but I looked at this target briefly earlier and the custom packer looks rather interesting. As you mention, not really difficult to follow the generalities without having to trace forever and anon, but I didn't have time to get into it deeply.
If you let it run, which you don't want to do outside of a VM since it tries to install a service to be run every time your computer starts, it unpacks an exe file to the windows system32 directory. The file is upx packed. If you unpack that it also has a PEPACK packing.
I did a quick dump of the PEPACK but imprec doesn't resolve the imports and suggests manual rebuilding would be necessary. I've never played with PEPACK so maybe there's a few trickz involved...
I *think* if you let it run you could safely get the UPX packed file, as long as you've got a firewall such as ZoneAlarm which will alert you that a service ("Servicos"

is wanting to be installed, which you can of course deny. I wouldn't want to say go ahead and do this outside of a VM because I don't know if any registry entries are created or any other files are unpacked. but it *looks* like only the 1 service file (system.exe I believe) is created.
If you deny the service to be installed it think it would be fairly impotent. Mcafee at least doesn't register the PEPACKed file as a threat by itself.