View Full Version : Need Help Unpacking Microsoft Visual C++ 6.0 [Overlay]!
luchardlaw
07-13-2010, 11:43 AM
Hi guys..i m very new in reverse engineering and i've find myself in trouble unpacking Microsoft Visual C++ 6.0 [Overlay] packed file..can anyone please tell me how to unpack it?which tools do i need to use?
You will not unpack it because it is not packed!
Git
luchardlaw
07-14-2010, 08:03 AM
i dont get you..what do you mean that the file is not packed?i've scanned it with PEid and it says it is packed with Microsoft Visual C++ 6.0[Overlay]?
PEID is telling you that the exe is NOT packed, it is just a straight forward app compiled with Microsoft VC 6.0 and linked in Overlay mode.
Git
luchardlaw
07-15-2010, 11:57 AM
i see...then how can i remove the compilation??
gnerogeem
07-15-2010, 12:33 PM
Wow, I think you don't even know what your asking rite?
There are some packer such as Crykey that PEiD doesn't identify.
Eventually it will detect it as Microsoft Visual C++ 6.0 [Overlay] packed.
luchardlaw
07-16-2010, 01:27 PM
yeah..i m a total newb in reverse engineering...so how do i identified if the file is crypted with Crykey?
I have not heard of Crykey. Do you mean CrypKey ?. If so, look for a tool called ckinfo.
Git
luchardlaw
07-19-2010, 08:38 AM
erm..is it ok if i post the software here and let you have a look for me?i m not sure whether even the software is packed with Crpkey or not...
You need to make some effort yourself first. Go and read tutorials and learn about RE.
Git
longtruongxuan
09-20-2010, 06:09 AM
Try detect by "FastScanner v3.0 Final"
doramide7
09-25-2010, 01:10 PM
i dont get you..what do you mean that the file is not packed?i've scanned it with PEid and it says it is packed with Microsoft Visual C++ 6.0[Overlay]?
PEID is telling you that the exe is NOT packed, it is just a straight forward app compiled with Microsoft VC 6.0 and linked in Overlay mode.
vBulletin® v3.6.4, Copyright ©2000-2015, Jelsoft Enterprises Ltd.