downloadbrowsewater's UnpackMe by water

Download UnpackMe_by_water.zip, 125 kb (password: crackmes.de)
Browse contents of UnpackMe_by_water.zip

This application was packed using my own protector I wrote some time ago.

Your task is to unpack it and rebuild imports.

Difficulty: 2 - Needs a little brain (or luck)
Platform: Windows
Language: C/C++

Published: 25. Aug, 2016
Downloads: 101

Rating

No votes yet.
Rate this crackme:

Send a message to water »

View profile of water »

Solutions

Solution by acruel, published 20. oct, 2016; download (43 kb), password: crackmes.de or browse.

acruel has not rated this crackme yet.

Submit your solution »

Discussion and comments

SV Reverser
12. Sep, 13:32		is packed exe doing something ?
water
Author
12. Sep, 16:18		Yup just enter two digits and you get result of adding and subtracting these numbers.
SV Reverser
14. Sep, 12:19		0040ED2B | C7 44 24 04 2F 8F 40 00 | mov dword ptr ss:[esp+4],unpackme_by_water.408F2F |

004D0A73 | 8D 85 7C FF FF FF | lea eax,dword ptr ss:[ebp-84] |
004D0A79 | 89 44 24 08 | mov dword ptr ss:[esp+8],eax |
004D0A7D | 8D 45 80 | lea eax,dword ptr ss:[ebp-80] |
004D0A80 | 89 44 24 04 | mov dword ptr ss:[esp+4],eax |
004D0A84 | 8D 85 6A FF FF FF | lea eax,dword ptr ss:[ebp-96] |
004D0A8A | 89 04 24 | mov dword ptr ss:[esp],eax | [esp]:"%d%d"
004D0A8D | 8B 45 BC | mov eax,dword ptr ss:[ebp-44] | [ebp-44]:scanf
004D0A90 | FF D0 | call eax |

004D20D7 | C7 44 24 04 CC 16 40 00 | mov dword ptr ss:[esp+4],unpackme_by_water.4016CC |

004F1630 | C7 44 24 04 B0 16 40 00 | mov dword ptr ss:[esp+4],unpackme_by_water.4016B0 |

004F176F | FF D0 | call eax |

00510000 | 55 | push ebp |
00510001 | 89 E5 | mov ebp,esp |
00510003 | 8B 45 0C | mov eax,dword ptr ss:[ebp+C] |
00510006 | 8B 55 08 | mov edx,dword ptr ss:[ebp+8] |
00510009 | 01 D0 | add eax,edx |
0051000B | 5D | pop ebp |
0051000C | C3 | ret |

004F3C28 | 89 04 24 | mov dword ptr ss:[esp],eax | [esp]:"a + b: %d\n"
004F3C2B | 8B 85 50 FF FF FF | mov eax,dword ptr ss:[ebp-B0] | [ebp-B0]:printf
004F3C31 | FF D0 | call eax |

004F529C | C7 44 24 04 BD 16 40 00 | mov dword ptr ss:[esp+4],unpackme_by_water.4016BD

004F541D | FF D0 | call eax |

00530000 | 55 | push ebp |
00530001 | 89 E5 | mov ebp,esp |
00530003 | 8B 45 0C | mov eax,dword ptr ss:[ebp+C] |
00530006 | 8B 55 08 | mov edx,dword ptr ss:[ebp+8] |
00530009 | 29 C2 | sub edx,eax |
0053000B | 89 D0 | mov eax,edx |
0053000D | 5D | pop ebp |
0053000E | C3 | ret |

004F7835 | 89 04 24 | mov dword ptr ss:[esp],eax | [esp]:"a - b: %d"
004F7838 | 8B 85 0C FF FF FF | mov eax,dword ptr ss:[ebp-F4] | [ebp-F4]:printf
004F783E | FF D0 | call eax |
First step ...
acruel
16. Sep, 03:00		Just posted the unpacked program and a tutorial. Nice trick ;)

You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.