Theislander
04-14-2015, 08:19 PM
Hi Guys,
First off I am in no way a reverser.You guys are the pros..
My question is not an easy one at least for me...
I have a very popular target "Mc..X8" that has been patched and emulated by most if not all the big "groups"
I came across this on a Chinese site where I assume changes are done to the executable..
I would like to try on my own so that I don't have to use "ANY EMULATOR"
In short what does this mean......How do you start:confused:
X5 version of the modified
cs: 414dfb 751f jne 414e1c change to cs: 414dfb eb1f jmp 414e1c
cs: 414e23 7422 jn 414e47 change to cs: 414e23 eb22 jmp 414e47
X5-mu1 version of the changes:
cs: 41519b 751f jne 4151bc change to cs: 41519b eb1f jmp 4151bc
cs: 4151c3 7422 jn 4151e7 change to cs: 4151c3 eb22 jmp 4151e7
Any help would be appreciated.
Thanks :)
First off I am in no way a reverser.You guys are the pros..
My question is not an easy one at least for me...
I have a very popular target "Mc..X8" that has been patched and emulated by most if not all the big "groups"
I came across this on a Chinese site where I assume changes are done to the executable..
I would like to try on my own so that I don't have to use "ANY EMULATOR"
In short what does this mean......How do you start:confused:
X5 version of the modified
cs: 414dfb 751f jne 414e1c change to cs: 414dfb eb1f jmp 414e1c
cs: 414e23 7422 jn 414e47 change to cs: 414e23 eb22 jmp 414e47
X5-mu1 version of the changes:
cs: 41519b 751f jne 4151bc change to cs: 41519b eb1f jmp 4151bc
cs: 4151c3 7422 jn 4151e7 change to cs: 4151c3 eb22 jmp 4151e7
Any help would be appreciated.
Thanks :)