PE Pack-Crypt

Some Info about the Packer/Encrypter and Author... Author: Vecna
Homepage: None.
Email: None.
Size of Packer/Encrypter: 3.50 KB
The Packer/Encrypter itself is Packed/Encrypted with PE Pack-Crypt .
Author Words about the Packer/Encrypter... There's no ReadMe or anything inside the programs .zip :)
Features... Compression.
Special stuff the Decryption Routine uses... None actually, but the Routine which sets the Sections characteristics is nice because i almost don't see that in any other Packer/Encrypter ;)
The best API to Break on... The best API to break on for the beginning: VirtualAlloc
The best API to break on for the end: GetProcAddress
Recognization of this Packer/Encrypter... PE Pack-Crypt has it's own MZ/PE Header which means that it doesn't change much :)
So you can check the name of the first section if it's: XXXXXXXX
Or you can check at Raw Address: 000001E0 if there's the text: PE PACK\CRYPT by Vecna (c) 2001

But ofcourse it's never wise to only depend on the MZ/PE Header for checking, because it can easily be changed ;)
Recognization Bytes... FC 8B 35 70 01 40 00 83 EE 40 6A 40 68 00 30 10
OEP Jump... mov eax, OEP
jmp eax


If you can add any kind of information for this page (Like Homepage/Email of the Author) then send me a Email

Don't trust the Outside, trust the InSiDe !!!

CoDe_InSiDe