|
softdefender
sofdefender is very easy to unpack only work with times.
if you look the api GetTickCount the program take the time, but in a moment compare the time witha previous time and decide if create the second process or not.
In this form altering only one jump or playing with the times you can run in one single process mode and the unpack is very easy.
armadillo is very more difficult obviously.
Ricardo
|