Unpacking Armadillo 4.xx-4.66 Manually by ChOoKi

[ChOoKi]

All the tuts I released (so far ) on how to unpack Armadillo 4.xx-4.66 manually, further tuts will only be posted here.
Notes:
1-Tuts are best viewed using the free software SWF Player (set on Full Screen), get it from:
http://www.browsertools.net/downloads/SWFOpenerSetup.exe
2-If this is your first time unpacking, follow the tuts by the order of release (steps would be skipped as the tuts progress).
3-If you wish to mirror the download links, be my guest, you are only helping others in getting them. (just make sure you 'Hide' them or someone will remind you ).

[LCF-AT]

Hello ChOoKi,

very nice to see your armadillo unpack collection in a row.
Thanks for this and keep going.

greetz

[SerialKiller]

Hey ChOoKi,

nice series have you started, keep going
and tnx for share.

SK

[venom-rx]

woooh nice sharing bro...

[Lunitary]

Hi, I have a little problem .

I have downloaded Ollydbg V1.10 to do first tutorial, but when it says "Pluggins", in my program I see 1. Booksmarks 2. Command Line and in tutorial I can see Olly Advanced, Analyzethis, Asm2Clipboard... etc. What can I do? I am noobie in cracking. Thanks in advance.

[herr-master]

go to

[Zeroed]

awesome possum, most helpful

[andria345]

thanks chooki.

[Mr.BLaCkViRuS]

Thank you very much ChOoKi

[arnavch]

hi i ahve a problem

the first tut(for DB)
it says we break once and nnote the mutexname value.

hoew do we break at that stage?

sorry if the question is silly but i am a total noob.

[ChOoKi]

Check the start of that tutorial on how to set all needed breakpoints in advance prior unpacking a target.
Once you have all the breakpoints set in place (Disabled), start by enabling (RET from OpenMutexA) breakpoint, then SHIFT+F9 and you will break at that RET.. and so on..

[Zeroed]

Hi ChOoKi... I started watching your series and have right away become confused at what's happening in the video. There's a lot of decision making that goes unexplained and you totally loose me after a few minutes. I'm suggesting your tuts are bad - FAR from it - but I'm just wondering if you maybe have a written follow-along component that takes time to explain everything you do? What the options are, why you're setting them, backgrounder info on the WinAPI funcs you BP and why you're selecting those particular BP's.

Also, do you have a flash tut for an intro to Olly? And possibly one on Armadillo itself (just background info, some history, what it is, who likely uses it, etc. etc.)... just a few minutes of discussion on each would be great.

If you have "transcripts" (or could make them) for your videos, I would be than happy to do the voice overs and host the videos on my own site. I'd love to help out and it would give me the chance to better absorb and comment on the material.

[ChOoKi]

Dear Zeroed,
These tutorials build on each other in the order you see, you just have to start from the beginning..
The early tutorials show how and why BPs are selected and used in step-by-step commentary. As the tutorials progress & to keep'em short and to the point, earlier steps in unpacking are skipped (.... up to testing the fixed dump). Let me know if that was helpful..

[Zeroed]

That's strange. I thought I had followed the tuts, as per your original instructions, according to the order of the release. Is that not simply from the top to the bottom of the list?

Also, am I to understand that you've got voice overlay in the videos? I didn't hear anything while listening... just saw the popup bubbles with an occasional comment...

[ChOoKi]

Dear arnavch:

Download PEiD 0.94 from: