Web
: http://mxb.cjb.net
Contact Me : [email protected] or [email protected]
ASProtect
Type : Packer
This packer is little more tough to unpack.It is fiddling with the programs
idata [import table section].So first we have to find the virgin import table
and glue it to the dumped file.For finding import table BPX LOADLIBRARYA
will help but I have found in new releases this also will not help :(
First you will have to edit the file in PE Editor and study all section
and make a guess where the real import table will be loaded in memory.
Handling packers is really a tough job.We will have to become a guru in PE
format and all that stuff and also understand how a debugger works.
In new release of ASProtect is does a nasty thing to our PC if it has SICE
loaded ,it will change the interupt flags and this will result in PC crash.
I will nail this sucker one day !!!! Need to know more things :(