Binary Analysis
PECompact2 Jun 23 2006 06:08PM
als hush com (4 replies)
RE: PECompact2 Jun 25 2006 11:07PM
Earl_Marcus_Tan dell com
Re: PECompact2 Jun 23 2006 11:08PM
derez (derez packetforge net)
Re: PECompact2 Jun 23 2006 10:42PM
Lance James (phishing securescience net)
Re: PECompact2 Jun 23 2006 09:59PM
Greg Hunt (gregory hunt gmail com)
On Fn 6/23/06, als (at) hush (dot) com [email concealed] <als (at) hush (dot) com [email concealed]> wrote:
> Now I would like to unpack the executable to carry on with the
> analysis. From what I could understand this would only be possible
> by running it in a test win32 system, probably using a dissasembly
> tool, since it only "unpacks" itself when being executed. Is that
> correct? Would there be some other way of doing so, perhaps using
> some sort of decompression tool? I was not able to find any so far.

OllyDBG:
http://www.ollydbg.de/

OllyDBD OllyScripts to help unpack PECompact2 executables:
https://www.openrce.org/downloads/browse/OllyDbg_OllyScripts

Old tutorial on unpacking an executable compressed with an older
version of PECompact:
http://207.218.156.34/fravia/amois_PeCompact_e.htm

-Greg

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus