is there armadillo packing / unpacking analysis?

Discussion on reverse-engineering and debugging.
Stylo
Posts: 48
Joined: Sat Jan 14, 2012 7:03 pm

is there armadillo packing / unpacking analysis?

Post by Stylo » Sun Jan 12, 2014 2:46 pm

Hi,
Searching in the web but with no luck for some armadillo packing analysis
packing techniques / anti debugging / dumping
basically how does it pack the code and unpack it?
Thanks

TheExecuter
Posts: 25
Joined: Sat Aug 10, 2013 5:02 pm

Re: is there armadillo packing / unpacking analysis?

Post by TheExecuter » Mon Jan 13, 2014 4:24 pm

you have a sample?
post it.

SomeUnusedName
Posts: 46
Joined: Fri Oct 07, 2011 1:17 pm

Re: is there armadillo packing / unpacking analysis?

Post by SomeUnusedName » Tue Jan 14, 2014 9:12 am

Search on http://tuts4you.com for Armadillo, lots of information there.

User avatar
R136a1
Forum Admin
Posts: 218
Joined: Wed Jul 13, 2011 4:30 pm
Location: Netherlands

Re: is there armadillo packing / unpacking analysis?

Post by R136a1 » Tue Jan 14, 2014 9:50 am

You can also take a look at the ARTeam website (and forum), they also have some information about Armadillo. Recently, they released an update of their Armadillo unpacker "ArmaG3ddon":
http://accessroot.com

Stylo
Posts: 48
Joined: Sat Jan 14, 2012 7:03 pm

Re: is there armadillo packing / unpacking analysis?

Post by Stylo » Wed Jan 15, 2014 12:04 pm

I'm not searching for unpacking tools for some packed PE.
Just wondered if there are any analysis of it's packing / unpacking technique (like where the packed code is located and where it dropped when unpacking)
i.e. PE packed by upx has .upx0 and .upx1 sections where upx1 contain the packed code and upx0 will contain the code once it'll be unpacked

tonyweb
Posts: 2
Joined: Sat Feb 08, 2014 11:42 am

Re: is there armadillo packing / unpacking analysis?

Post by tonyweb » Sat Feb 08, 2014 9:14 pm

There is the great paper by AndreaGeddon (on which ARTeam's Armageddon initial idea is based upon) ... you can find it here:
Regards,
Tony

Stylo
Posts: 48
Joined: Sat Jan 14, 2012 7:03 pm

Re: is there armadillo packing / unpacking analysis?

Post by Stylo » Sun Feb 09, 2014 12:22 pm

tonyweb wrote:There is the great paper by AndreaGeddon (on which ARTeam's Armageddon initial idea is based upon) ... you can find it here:
Regards,
Tony
That looks great
I'll take a look at it

Thanks :)

voroojax
Posts: 15
Joined: Thu Feb 17, 2011 10:19 pm

Re: is there armadillo packing / unpacking analysis?

Post by voroojax » Mon Feb 10, 2014 6:28 am

tonyweb wrote:There is the great paper by AndreaGeddon (on which ARTeam's Armageddon initial idea is based upon) ... you can find it here:
Regards,
Tony
that' great. more paper about (other) packer internals would be great too.
share please.

thanks

tonyweb
Posts: 2
Joined: Sat Feb 08, 2014 11:42 am

Re: is there armadillo packing / unpacking analysis?

Post by tonyweb » Sun Feb 16, 2014 6:50 am

@voroojax
A bit off-topic. However, as told by R136a1, there are the fantastic AsProtect papers by deroko (unpacking and VM Analysis).

I must admit I never fully understood them ... eh eh :P

Regards,
Tony

silic0n
Posts: 1
Joined: Sun Nov 28, 2010 4:06 am

Re: is there armadillo packing / unpacking analysis?

Post by silic0n » Wed Mar 19, 2014 12:15 pm

You can find at Arteam :)

Post Reply