|
The anti-debug trick of ACProtect is INT3/INT1 etc., easy to bypass.
The Import-Table-Destroy scheme of ACProtect is just like TELock, so we can recover IT/IAT without ReVirgin/ImpREC.
The stolen bytes of ACProtect needs patience to recover.
As MrAnonymous said, code-snippet-encryption needs a real key to decrypt and there may be too many snippets encrypted. crazy.
__________________
AKA Solomon/blowfish.
|