Thread: Request for EZCD x86 unpack Tutorial
View Single Post
  #30  
Old 11-02-2017, 15:20
Benten Benten is offline
Friend
  
Join Date: Sep 2017
Location: Oh that's personal stuff, Don't want MI6 at my Mom's face
Posts: 24
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 12
Thanks Rcvd at 13 Times in 9 Posts
Benten Reputation: 3
I was just fooling around the x86 code and struck upon this one. Thought you guys should see it.

There has been absolutely no luck building clean IAT till now, but I am trying. And no luck using tools either, I've hit my bottom and started using tools temporarily, that is.

The point is, I believe nop-ing the mov (below) inside the call that follows Push 0x100 unpacks the thing, correct me if wrong, and the errors are still there. If it were splices then that error shouldn't be there if I chose to run, right?

Code:
 mov byte ptr ds:[eax], dl
Anyway have a nice day. keep rocking...

Regards,
Ben
Attached Files
File Type: rar Video.rar (5.49 MB, 32 views)
Last edited by Benten; 11-02-2017 at 15:21. Reason: Respects to Mr.Exodia, Mr.Smiling Wolf, FFF & Regards to Abhi & Exetools family