Flag: Tornado!
Hurricane!
|
|
| WinUpack v0.39 |
Dwing |
Compressor |
saphex |
January 10 2008 |
|
| PE header |
no |
no |
PS______, _xQ, [blank] |
N/A
|
|
|
Simple compressor, can strip relocs and export table. After restoring the import table trough GetProcAddress and LoadLibraryA, it does a return with the oep in the stack.
|
|
00000000 85 C0 test eax, eax
00000002 74 1F jz short 00000023
00000004 ; ...
0000001C 50 push eax
0000001D 53 push ebx
0000001E FF D5 call ebp
00000020 AB stosd
00000021 EB ?? jmp short value
00000023 C3 retn |
|
|
00000000 BE ?? ?? ?? ?? mov esi, value
00000004 AD lodsb
00000005 AD 50 push eax
00000007 FF 76 34 push dword ptr [esi+34h]
0000000A EB ?? jmp short value |
|
|
|
|
|
|
|
There are 31,320 total registered users.
|
|
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}