Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Microsoft Visual C++ 5.0 [Overlay] ? (https://forum.exetools.com/showthread.php?t=7859)

s3ct0r 07-31-2005 16:02
Microsoft Visual C++ 5.0 [Overlay] ?
 
I'm interesting on an app, but PEiD show me Microsoft Visual C++ 5.0 [Overlay]. A quick analysis show me that is coded in foxpro but no code is there, i know that is packed but google don't show me nothing about unpacking Microsoft Visual C++ 5.0 [Overlay].

Somebody know How can I start? :confused:

Warren 08-01-2005 09:19
er,PEiD shows Microsoft Visual C++ 5.0 [Overlay]. Maybe it's not a Microsoft Visual C++ 5.0 program,but others. You can use OllyDbg to unpack it by hand.

Good luck.

dj-siba 08-01-2005 17:27
Few -New?-Modified?- packer are detected as Microsoft Visual C++
if you play with Old known packer with olly you get to know witch packer without using PEiD...

pluscontrol 08-05-2005 10:35
you could try with "RDG Packer Detector"

bollygud 08-05-2005 14:43
the best way to find out what you're dealing with here is to simply debug it. have a look at it and see. i know this is vague, but honestly that's the best thing to do.

i see these protector scanner apps as useful guides to let you know what you're dealing with and not a definitive step for deciding your next move should be. so when you get a result like [some normal compiler(overlay)] it's time to do some sleuthing for yourself ;)

good luck

Nacho_dj 08-05-2005 15:44
Hello:

Try this scanner for packed .exe:

http://download.copybase.ch/araysoft/Cb/ArayScanner2023.rar

Hope it helps!


Cheers :cool:

Nacho_dj

codeX 08-06-2005 04:01
ArayScanner....
Quote:

1.1) CD Scan:
---- -------
These protections can be detected using the "Scan" button in A-Ray Scanner V2

ActiveMARK
Bitpool
Cactus Data Shield 200
CD-Cops
CDLock
CDProtector
CodeLock
Copykiller
DiscGuard
LaserLock
LaserLock Marathon
ProtectCD
ProtectCD-VOB
SafeDisc
SafeDisc Lite
SecuROM Old
SecuROM New
SecuROM 2-7
Settec Alpha Rom
Smarte
Slovak Protector (SVKP)


1.2) Sector Scan:
---- -----------
These protections can be detected using the "Sector Scan" button in A-Ray Scanner V2
*Please note - Copy Protection version numbers CANNOT be detected with this method!*

CodeLock
DVDCrypt CSS/CPPM
Libcrypt (PSX)
Safedisc
Safedisc DVD
SecuROM
SecuROM DVD
Sysiphus
Tages
VCD/SVCD

1.3) Directory / Executable Scan:
---- ---------------------------
These protections can be detected using the "Scan Directory" button in A-Ray Scanner V2, or by dragging & dropping the executable file into the log window. If "Context Menu" is ticked in the options page you can also scan for these by right-clicking on a file and selecting "Scan with A-Ray Scanner".

3P-Lock
CD-Lock
CodeLock
JoWood Xprot
ProtectCD
ProtectCD-VOB
Safedisc
Safedisc Lite
SecuROM Old
SecuROM New
SecuROM 2-7
Smarte
Starforce
Slovak Protector (SVKP)

Not bad.:) But is it worthy here:D

suddenLy 08-11-2005 00:49
How about check the section name? Sometimes nameless packers are not detected by PEiD. And that packers usually use its own name for packer's section by default. After getting name and googling :D


All times are GMT +8. The time now is 16:25.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX