The idea is not new. In fact it is already used in nearly every protector having some kind of VM features.
But I think the best part is the following:
Code:
[...]
3. Principle of work
[...]
C. Running the real code in stack
Push encrypted instruction code to stack, decrypt it,call it!
[...]
This will make all people with DEP turned on (you can't even turn it off on Windows x64) happy, since each and every instruction will now crash the application.
Edit:
I just checked the sample application. It's full of code like this one:
Code:
xor d,[esp][06],023436576
mov eax,esp
call eax
Of course it will crash.
