Unpacked dekeron.

noname231 · 03/18/2009, 03:03

Just wondering how people are making there unpacked dekeron.exe files. Every time I try to create one something odd happens so I'm taking a wild guess saying I'm F**King something up. Any help would be nice.

bottomy · 03/18/2009, 12:40

erm what you mean? do you mean unpacking the dekaron.exe, well post what your having trouble with and some can help or just look at more tuts on unpacking what its packed/encrypted with. or you mean making edits into the dekaron.exe? well you can edit so many things say what in particular and what you've done so far so we can help.

HellSpider · 03/18/2009, 13:30

In unpacking an executable you need to know several things:

1) Identifying the packer, if necessary.
2) Checking for stolen code, if such exists.
3) Checking for API Redirection, if such exists.
4) Fixing VM if there is one applied.
5) Correcting the dump (if header is messed up).
6) Fixing the Import Address Table.

There are more things but these are the most common. Of course there are scripts to do some of these things but they're often a bit light so you can't rely on them everytime

.

BOMB9999 · 03/18/2009, 14:44

Havent tried it yet, so i dont know if it works. Hopefully this helps.

-=EPvP^RULEZ=- · 03/18/2009, 14:48

Quote:

Originally Posted by BOMB9999

Havent tried it yet, so i dont know if it works. Hopefully this helps.

-hehe.. actually he dont need that... but we all know you just tying to help!!

noname231 · 03/18/2009, 19:11

I guess it's just windos 7 64 bit mode or something.

went through the list and everything is fine

1) Identifying the packer, if necessary. X
2) Checking for stolen code, if such exists. X
3) Checking for API Redirection, if such exists. X
4) Fixing VM if there is one applied. X
5) Correcting the dump (if header is messed up). X
6) Fixing the Import Address Table. X

Well I'm just going to let the unpacked posters get there thanks from me, since from what I can tell it has something to do with windows 7 from what I can tell.

~~DeckaRude~~ · 03/19/2009, 07:54

it has nothing to do with what os you have....

noname231 · 03/19/2009, 08:29

Well then I'm lost lol. Someone usually post a unpacked file so I will continue to thank them. No big loss.

HellSpider · 03/19/2009, 13:28

Quote:

Originally Posted by noname231

Well then I'm lost lol. Someone usually post a unpacked file so I will continue to thank them. No big loss.

If you want to learn unpacking I suggest that you start with some easy packer like ASPack 2.12, UPX 3.03 or NsPack 3.7

.

Just in case you're interested, the dekaron.exe for 2moons is protected with yoda's Crypter 1.x and AsProtect 2.xx SKE .

noname231 · 03/19/2009, 16:11

Ya I can make unpacked dekeron files but I seem to always miss 1 thing and I have no clue what I'm missing.

I've read all the tuts I can find and made sure I followed them to the dot on the i lol but something always makes the file not work properly.

When I do it on my old Windows XP pc it works fine but not on windows 7, 64 bit. They issue is who wants to dig up there old pc just to make a unpacked file lol.

But as mentioned before, if I need a unpacked dekeron file I'm sure no one will give a hard time for one lol.

noname231 · 03/19/2009, 16:11

Ya I can make unpacked dekeron files but I seem to always miss 1 thing and I have no clue what I'm missing.

I've read all the tuts I can find and made sure I followed them to the dot on the i lol but something always makes the file not work properly.

When I do it on my old Windows XP pc it works fine but not on windows 7, 64 bit. They issue is who wants to dig up there old pc just to make a unpacked file lol.

But as mentioned before, if I need a unpacked dekeron file I'm sure no one will give a hard time for one lol.