#1
|
|||
|
|||
armadillo strange behavior
i have an exe protected with armadillo apparently 4.xx copymem and debug blocker(as it created two processes in the memory and detects ollydbg)
peid reports it as 1.5x 2.x (overlay) i tried to use armadillo version detector method using ollydbg but couldnt find armVersion> string. I tried to use copymemII + debug blocker tutorial by dappa and honacho but ... I tried to detach son from father, by scripy arma detach,, but never finds EAX=1 , manual debugging , doesnt seem to work as when ever i try to run it and do manual unpacking all the tutorial seem to fail here, as I cant even find single instruction same as in tutorials. i am a newbie, if any one could help me I'll really appreciate it. I am not requesting a crack I want to do it on my own, but little jumpstart is all I need. thanks |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Weird behavior in a patched program | Doit | General Discussion | 4 | 02-23-2022 01:48 |
Evading behavior analysis | 0xall0c | General Discussion | 3 | 05-14-2018 23:44 |
weird search behavior | abitofboth | General Discussion | 0 | 01-30-2005 20:48 |