SHARE
TWEET

Untitled

a guest Sep 27th, 2018 156 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Log data
  2. Address    Message
  3.            Themida - Winlicense Ultra Unpacker 1.4
  4.            -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  5.  
  6. 090D0A0F   Breakpoint at 090D0A0F
  7. 090D0A10   Breakpoint at 090D0A10
  8. 090E0054   Breakpoint at 090E0054
  9.  
  10.            OS=x86 32-Bit
  11. 090E0056   Breakpoint at 090E0056
  12. 09100021   Breakpoint at 09100021
  13. 09100028   Breakpoint at 09100028
  14.  
  15.            2.214 MB +/-
  16.  
  17.            138.280 MB +/-
  18.  
  19.            Your target is a >>> Executable <<< file!
  20.  
  21.  
  22.            PE HEADER:   400000 | 1000
  23.            CODESECTION: 401000 | 84DE000
  24.            PE HEADER till CODESECTION Distance: 1000 || Value of 1000 = Normal!
  25.            Your Target seems to be a normal file!
  26.  
  27.            Unpacking of NET targets is diffrent!
  28.            Dump running process with WinHex and then fix the whole PE and NET struct!
  29.  
  30. 0911064B   Breakpoint at 0911064B
  31.  
  32.            Overlay found & dumped to disk!
  33.  
  34.            Disasembling Syntax: MASM (Microsoft)     <=> OK
  35.  
  36.            Show default segments:               Enabled
  37.            Always show size of memory operands: Enabled
  38.            Extra space between arguments:       Disabled
  39.  
  40.            StrongOD Found!
  41.            ----------------------------------------------
  42.            HidePEB=1          Enabled   = OK
  43.            KernelMode=1       Enabled   = OK
  44.            KillPEBug=1        Enabled   = OK
  45.            SkipExpection=1    Enabled   = OK
  46.            Custom Exceptions  Enabled   = 00000000-FFFFFFFF
  47.            DriverName=xesover0
  48.  
  49.            DRX=1              Enabled   = OK
  50.  
  51.            ----------------------------------------------
  52.  
  53.  
  54.            Basic Olly & Plugin Settings seems to be ok!
  55.            No InfoBox to User to show now!
  56.  
  57. 088DFF92   Breakpoint at unl.088DFF92
  58. 088DFF94   Breakpoint at unl.088DFF94
  59.  
  60.            XP System found - Very good choice!
  61.  
  62.  
  63.            Newer SetEvent & Kernel32 ADs Redirecting in Realtime is disabled by user!
  64.  
  65.  
  66.            Kernel Ex Table Start: 7C802644
  67. 0915003F   Breakpoint at 0915003F
  68.  
  69.            PE DUMPSEC:  VA 9160000 - VS 3A000
  70.            PE ANTISEC:  VA 9161000
  71.            PE OEPMAKE:  VA 9161600
  72.            SETEVENT_VM: VA 91621D0
  73.            PE I-Table:  VA 9163000
  74.            VP - STORE:  VA 9162F00
  75.            and or...
  76.            API JUMP-T:  VA 9163000
  77. 0915003F   Breakpoint at 0915003F
  78.  
  79.            RISC VM Store Section VA is: 91A0000 - VS 200000
  80. 09150041   Breakpoint at 09150041
  81. 76B20000   Module C:\WINDOWS\system32\winmm.dll
  82. 7C8106E9   New thread with ID 00000D04 created
  83. 7C8106E9   New thread with ID 00000D20 created
  84. 7C8106E9   New thread with ID 00000D24 created
  85. 7C8106E9   New thread with ID 00000D28 created
  86. 7C8106E9   New thread with ID 00000D2C created
  87. 7C8106E9   New thread with ID 00000D30 created
  88. 7C8106E9   New thread with ID 00000D34 created
  89. 7C8106E9   New thread with ID 00000D38 created
  90. 7C8106E9   New thread with ID 00000D3C created
  91. 7C8106E9   New thread with ID 00000D40 created
  92. 7C8106E9   New thread with ID 00000D0C created
  93. 7C8106E9   New thread with ID 00000D44 created
  94. 7C8106E9   New thread with ID 00000D48 created
  95. 7C8106E9   New thread with ID 00000D4C created
  96. 7C8106E9   New thread with ID 00000D50 created
  97. 7C8106E9   New thread with ID 00000D54 created
  98. 7C8106E9   New thread with ID 00000D58 created
  99. 7C8106E9   New thread with ID 00000D18 created
  100. 7C8106E9   New thread with ID 00000D5C created
  101. 77F60000   Module C:\WINDOWS\system32\shlwapi.dll
  102. 77BF0000   Module C:\WINDOWS\system32\version.dll
  103. 76380000   Module C:\WINDOWS\system32\comdlg32.dll
  104. 7C9C0000   Module C:\WINDOWS\system32\shell32.dll
  105. 773C0000   Module C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
  106. 77910000   Module C:\WINDOWS\system32\setupapi.dll
  107. 5B260000   Module C:\WINDOWS\system32\uxtheme.dll
  108. 746E0000   Module C:\WINDOWS\system32\MSCTF.dll
  109. 68E60000   Module C:\WINDOWS\system32\hid.dll
  110. 76C20000   Module C:\WINDOWS\system32\wintrust.dll
  111. 77A70000   Module C:\WINDOWS\system32\crypt32.dll
  112. 77B10000   Module C:\WINDOWS\system32\msasn1.dll
  113. 76C80000   Module C:\WINDOWS\system32\imagehlp.dll
  114. 68E60000   Unload C:\WINDOWS\system32\hid.dll
  115.            Process terminated, exit code 0
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top