https://www.virustotal.com/en/file/080c ... /analysis/
I was wondering if someone could give me some pointers on unpacking this, as I cannot seem to get it to run to OEP without crashing (or perhaps the binary is damaged?).
I was able to ascertain that it was packed with Mystic Compressor, and the only tutorial I found online mentioned no anti-debug protections; however, this one does have some. After a few decryption routines it makes calls to CheckRemoteDebugger and also has several areas where it issues INT 3 interrupts to trap to the debugger; however, the first one works by passing the exception down to the application. The following ones appear to use EAX as a pointer to the PEB to check for BeingDebugged. I was able to pass that area, which is about 3-4 INT 3 calls. After that it issues a lot of GetProcAddress and VirtualAllocEx calls to start unpacking some more parts of the application, but shortly after I end up on a 1 line instruction and it crashes since a data section follows (it honestly looks like it jumps into the middle of nowhere).
I'm still pretty new but I'm working hard at this, so any help is appreciated.
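An added example, not part of the original post: a heuristic byte scan that lists where the checks described above (a PEB BeingDebugged read through EAX, lone INT 3 bytes, and debugger-check API names handed to GetProcAddress) sit in a dumped stub, so each site can be reviewed before stepping through it. The sample bytes, the base address and the 16-byte window are constructed assumptions, and the API name searched for is the kernel32 export CheckRemoteDebuggerPresent.

```python
import re

# 32-bit x86 encodings of the checks the post describes (heuristic byte
# scan, no disassembly: a match inside data or an operand is a false hit).
PEB_LOAD = re.compile(rb"\x64\xA1\x30\x00\x00\x00")   # mov eax, fs:[30h]
FLAG_READ = re.compile(                               # PEB.BeingDebugged is at +2
    rb"\x0F\xB6\x40\x02"     # movzx eax, byte ptr [eax+2]
    rb"|\x8A\x40\x02"        # mov al, byte ptr [eax+2]
    rb"|\x80\x78\x02\x00"    # cmp byte ptr [eax+2], 0
)
LONE_INT3 = re.compile(rb"(?<!\xCC)\xCC(?!\xCC)")     # runs of CC are padding
WINDOW = 16   # assumed max distance from the PEB load to the flag read

def find_peb_checks(code, base=0):
    """Return (load_va, read_va) pairs for PEB.BeingDebugged tests via EAX."""
    hits = []
    for m in PEB_LOAD.finditer(code):
        r = FLAG_READ.search(code, m.end(), m.end() + WINDOW)
        if r:
            hits.append((base + m.start(), base + r.start()))
    return hits

def find_lone_int3(code, base=0):
    """Return addresses of single 0xCC bytes (candidate INT 3 traps)."""
    return [base + m.start() for m in LONE_INT3.finditer(code)]

def find_api_names(code, names, base=0):
    """Locate ASCII API names that a stub would hand to GetProcAddress."""
    return {n: base + code.find(n.encode()) for n in names if n.encode() in code}

# Constructed sample bytes, not taken from the binary in the post.
SAMPLE = (
    b"\x90\x90"
    b"\x64\xA1\x30\x00\x00\x00"    # mov eax, fs:[30h]
    b"\x0F\xB6\x40\x02"            # movzx eax, byte ptr [eax+2]
    b"\x85\xC0\x75\x05"            # test eax, eax / jnz +5
    b"\xCC\x90\xC3"                # int 3 / nop / ret
    b"\xCC\xCC\xCC"                # alignment padding, ignored
    b"CheckRemoteDebuggerPresent\x00"
)
BASE = 0x401000   # hypothetical address of the dumped region

if __name__ == "__main__":
    for load, read in find_peb_checks(SAMPLE, BASE):
        print(f"PEB load at {load:#x}, BeingDebugged read at {read:#x}")
    print("lone INT 3:", [hex(a) for a in find_lone_int3(SAMPLE, BASE)])
    print(find_api_names(SAMPLE, ["CheckRemoteDebuggerPresent"], BASE))
```

Hits are candidates only; confirm each one in a disassembler, since the scan cannot tell code from data.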