A forum for reverse engineering, OS internals and malware analysis 

Discussion on reverse-engineering and debugging.
 #21924  by Stylo
 Sun Jan 12, 2014 2:46 pm
Searching in the web but with no luck for some armadillo packing analysis
packing techniques / anti debugging / dumping
basically how does it pack the code and unpack it?
 #21954  by Stylo
 Wed Jan 15, 2014 12:04 pm
I'm not searching for unpacking tools for some packed PE.
Just wondered if there are any analysis of it's packing / unpacking technique (like where the packed code is located and where it dropped when unpacking)
i.e. PE packed by upx has .upx0 and .upx1 sections where upx1 contain the packed code and upx0 will contain the code once it'll be unpacked
 #22226  by tonyweb
 Sun Feb 16, 2014 6:50 am
A bit off-topic. However, as told by R136a1, there are the fantastic AsProtect papers by deroko (unpacking and VM Analysis).

I must admit I never fully understood them ... eh eh :P