|
so you have to wrote some kind of debugger, start app via createprocess and then in loop do WaitForDebugEvent, after start you can set bp at code location where loader writes unpacked section of code to memory, look if written unpacked code is what you are waiting for and if it is, you can patch code in memory, unset bp and let your app run.
maybe this helps
|