[rw freawabs.com/asux/Unpackme7soLrar [OllyDbg 1.10 imporREConstructorSTEP 1 - Executable file analysis after installation nstallation because came in a single executable file, first step is| encrypted/packed ot figure 1 for d check if the Jcan use the ina plain ‘0 make this we| EiTemolasmratectist_oroacknatuteiafunpackne7 ee ‘coonioo e sexton: [ eee ru ovten [s5aa gaa [>| Lnkeeanfo: [S4z subaysem: [wince GUI ‘efotak L2ERCH- B08. Abe Secor tmuiscen | [Teskviewer| [Ontos | [oboe | est F gay ontop [e{ [>] In order to have some idea abou finder feature, with this you have > (Original Entry Point) you can use the generic OEP| et Fund Oz: oo4u02s 19. 2 OEP from PEID. This can't be the real OEP, but Is only for our main idea about this. ‘STEP 2 - Manual unpacking Now is time to know the target, execute it and look is behavik dialog box:eon eee Try to unpackeel Packed wth ASProtect 3. bi: ehacnhaihardaninio I you unpack success Serd ut andthe lrpacked isto me at kegujerkana@eyna com bicet te Evctook, HVs, REA, FFF. AR Tea member. Phare renembll You canvun this unpccke ory 15 days Fig. 3 Main program dialog b he Cool...f button to close the program ad the executable into OllyDbg and select the plugin IsD Present TERR] view Debug Pgre Options Windbw Hab i) sie s usual with ASProtect, in order to find the real OEP you able ;ption handling from the debugger, to his go to the Options menu and then select Debugging options (or simply press Alt+O): [EDFie view Osteo Paine REE Window Hee W look if your settings match this one (if not it accordling to the figure 6):