Reverting (statically or dynamically) the effect of a binary packer: recovering its original structure and code by removing compression, encryption, and protection features.
Questions tagged [unpacking]
188 questions
9
votes
1 answer
Unpacking a Themida packed x64 executable?
Before we continue I'd like you to keep in mind I'm relatively new to unpacking executables. So I have a few
Recently I've been trying to unpack an executable (x64 architecture), aka find the OEP and restore the IAT, that is packed with Themida…
Graham Best
4
votes
1 answer
Extracting compressed firmware (NRV) for analysis
I want to analyze an embedded firmware (a car's ECU). My problem is that the file is compressed.
The firmware comes with a description xml file, which states that it is divided into sections and that those sections are individually compressed, using the…
PhreakShow
4
votes
1 answer
Unpack files from executable
I have an exe application that contains three files packed in it. I know how those files were named before packing, I have around 80% of packed files and some of main executable file binary code. I've also found out that the execution creates and…
erexo
2
votes
1 answer
Unpacking an MST file without an MSI file
I've looked this up for a few days now, but I can only find software like MSTView or Orca, which both require an MSI file to unpack the MST.
Is there a way to unpack an MST file without an MSI file?
Zelpa
1
vote
1 answer
What is unpacking? How to become a professional unpacker?
I asked a lot of questions in this forum about RE and I am a beginner who is very interested in reverse engineering. (I am learning RE with Lena151.)
What is unpacking?
Which tools are needed to unpack software?
Is there any way to unpack manually?
How…
Jason
1
vote
1 answer
Unpacking NSISbi compressed data
I'm trying to figure out how to unpack the payload data made by NSISbi, a fork of NSIS that adds support for installer size > 2GB.
Here is an example…
KreonZZ
1
vote
0 answers
CWA file conversion
Problem description: The Axivity (axivity.com/userguides/ax3/using/) watch device logs data internally in a binary packed format. This format is named Continuous Wave Accelerometer (CWA) format. This format is very efficient for storing large amounts of…
TedK
0
votes
1 answer
How to extract ucas and utoc IO store container files in Unreal Engine 5
I tried to use different programs for this, such as fmodel and UnrealPakViewer, but fmodel supports only utoc, so I can extract only some of the files, and it does not support binka audio files. UnrealPakViewer can open ucas and I can see files in…
Михаил Байраков
0
votes
0 answers
How can I rip Zuma's Revenge sprites from the Nintendo DS ROM?
Opening the bin file as a tile in Tinke gives me the following:
there are just random pixels that don't contain any useful sprites,
and it's the same if I open the file in GIMP.
My directory for the Zuma's Revenge Nintendo DS files is in downloads…
0
votes
0 answers
How to dump heap from packed program (unpack ASProtect)
I have a packed program. I have found the OEP of the program, but the problem is that every call to a system DLL like kernel32, user32, ... changes to a call to the heap. So the packer first allocates a big chunk of heap, copies the DLL function to the heap…
haxerl
0
votes
2 answers
Question about unpacking
Thanks for reading. I'm a beginner trying to learn Malware Analysis and Reverse Engineering. At the moment I have read the book "Learning Malware Analysis" and I fully understand it, but there is just one section that I can't grasp: Unpacking. I tried to…
Fitz
0
votes
1 answer
Service for unpacking custom protected exes?
Is there any free/paid service on the internet to unpack custom protected exes? I am an RE but unpacking is not my expertise.
Thanks
Mike