Unknown Packer
 

Hi guys

i´m trying to find what packer/crypter was used with PentiumTools

http://www.pentiumtools.com
http://rapidshare.com/files/221467191/PentiumTools.1.06.rar

PEId can´t identiofy what packer/cryptr it was made. Anyone have any idea which one was used and also what unpacker use on it ?

Regards

It's Armadillo;

[PROTECTiON SYSTEM]
Professional Edition
[PROTECTiON OPTiONS]
Debug-Blocker protection detected
CopyMem-II protection detected
Memory-Patching Protections enabled
Strategic Code Splicing enabled
Import Table Elimination enabled

Tks,

but it is not working.. I tested with many armadillo unpackers and the file refuses to be unpacked.

What is the neecssary (and working) tool to unpack this ?

Have any idea which file to use ?

Well I don't like using unpackers, if you can't do it manually...
However armageddon 1.33, with name hack (changing the window name) unpacks it fine.

q.

Done

Many thanks

Do you use a spoon to stir your tea or your finger?

Git

hm
 

Well, knowing to use your finger to stir your tea, is good when you lack of a spoon, isnt it?

Indeed it is, but refusing to use a spoon that is in the saucer and using your finger instead is uncivilised :)

Git

But it requires way more skill if your tea is hot enough. ;)

No, what I meant is that unpackers don't teach you anything.. They're there to speed up the process once you've mastered a protection and it gets boring... ( Note I said 'can't' not can in my first statement. Most likely you interpreted it as 'can'.. ) Just using some unpacker defeats the imho the purpose of reversing.. It's the challenge of defeating a protection for the first time that's fun, not using a a program and click some buttons,

It's only a pitty that not everybody is here for the challenge. Only the result "whoaah I crackzorred it using unpacker x"..
(Though depending on your goal that isn't necessarily a bad thing, I mean there are pure keygenners around. That just hate unpacking.. ;)..)

As quosego wisely pointed, it is an Armadillo target, and last released version of Armageddon (v1.6) can unpack it without problems; no need to change the window name since this 'bug' has been solved... :D

Best regards

Nacho_dj

yes Armageddon (v1.6) is very Good Tools but it fail in some target especially ...with target like :
target <<VB6.0>> with this options
Debug-Blocker protection detected
CopyMem-II protection detected
Memory-Patching Protections enabled
Strategic Code Splicing enabled
Import Table Elimination enabled

it can't unpack it ....and I can give u some example ..
so I agree with quosego in this point ...man must not depended on unpacker unless he know how to unpack it ,and he need to save some times ,not else .
I like to work on Armadillo ( as all know ) .
but I like very much to use Armageddon (v1.6) ,which is very amazing ...
big Thanks go to Condzero and Arteam.

We are working to get ALL Armadillo targets unpacked by Armageddon, so please, when you find any target failing, as you mentioned in your post, report a target link to us, any of ARTeam members...

Thanks for your feedback.

Cheers

Nacho_dj

http://download.cnet.com/FlashCards-2003/3000-2051_4-10022954.html

I don't know I have try to unpack it under VMware i don't if this affect .
many thanks

Armadillo was a old story. I think if Armadillo's author change all structure of protection,it will be better.

@trickboy: Hi my friend
Long time we didn't hear ur voice ....
nice to see u around .