Tag: MPress

[Video] Unpacking using DnSpy

Hello mates,

This is a small video to show you the way that you can use dnSpy to unpack some simple packers/crypters by debugging and dumping.

The methodology is pretty simple, the packer encrypts the original file into a loader, then the loader will decrypts that file right on the memory, and invokes the main function. This technique is widely used in many many packers/crypters because it’s fast and easy to implement. So let’s see what we can do to unpack it in the modern way. In this video, i used MPRESS as a demonstration packer

Enjoy and best regards,

Levis