Very cool presentation, published on the 7th April 2017 by Eloi Vanderbeken at the Sthack security conference in Bordeaux, about unpacking StarForce:
http://www.synacktiv.ninja/ressource..._synacktiv.pdf
This unpacker is based on DLL injection and take care of recovering the OEP, API redirection, stolen bytes, debugger detection and hide from debugger routines.