I have a file which is UPX packed. Is there any way I can change the headers and still find it as UPX packed? And how do I unpack it ? I tried a lot of tutorials and I am fed up as all explain the same method which doesnt work for me. the same problem is mentioned in the following : http://www.reteam.org/board/showthread.php?t=2670 I am not a well versed reverse engg.. :( jst a noob .. any ideas will be really helpful.
how to unpack a dll file which is UPX packed but also the headers are changed?
5.2k Views Asked by kidd0 At
1
There are 1 best solutions below
Related Questions in REVERSE-ENGINEERING
- How to break code on a click event?
- How to increment versionCode using APKTool?
- Alloy traces and projection issues
- Understanding assembly of a simple C program
- Bomb lab phase 5
- I am not able to generate hibernate.reveng.xml
- Database reverse engineering tool with columnDefinition support
- Unable to see all the classes in an android application using AndBug tool
- Reverse engineer database in spring data rest
- Entity Framework 6.1 - debug t4 script execution with customized code first reverse engineering
- Differences between call, push+ret and push+jump in assembly
- Bomb lab assembly explanation
- Android bytecode: value of some variables not defined
- Reverse engineering proprietary magnetic card formats
- How many arguments are passed in a function call?
Related Questions in PORTABLE-EXECUTABLE
- Determine physical file address of directory RVA in PE file
- What is the relationship between sections and data directories in a PE file?
- I am confusing some assembly code about enable PE within boot/setup.s file in Linux 0.11
- Is it true that PE files map directly into memory?
- What Does Windows Do Before Main() is Called?
- Call "main" function programmatically in Windows
- Memory Address files
- Determining if the running executable has IMAGE_FILE_LARGE_ADDRESS_AWARE?
- Identification of PE section characteristic
- Is kernel32.dll always loaded below 0x80000000 (x64) ?
- How can I find the public key of any PE file?
- PE format, what is the use for IAT Directory
- How to insert/remove some garbage instructions into ELF/PE file without changing its functionality?
- How does the linker determine at which line a symbol is called?
- How can I use pe.entry_point to write YARA rules?
Related Questions in PACKING
- How to pack four signed floats into a single integer?
- Data structure and stack corruption when using the P/Invoke Interop Assistant
- C++ - cstyle structure/class packing pertinent?
- Dividing area into a given number of squares
- 2D Bin-packing 3:4, 4:3, and 1:1 shapes (photos)
- C++ class/structure data member offset as constant expression
- Algorithm to organize rectangles in the fixed rectangular container
- What's an elegant algorithm for fitting differently sized rectangles into a circle?
- How to understand Gtk+ properties and make GtkGrid expand to available area?
- Python a comparison of the distributions?
- Why is Data.fs.old disappearing?
- How to make it one-liner? Convert list to a bunch of parameters
- python tkinter packing
- how to unpack a dll file which is UPX packed but also the headers are changed?
- Find maximum size of rectangles to fill a container
Related Questions in UPX
- How does UPX handle Applications without a Relocation Directory?
- Checking if an ELF is packed with UPX in Linux
- Method to determine if an exe file has been compressed with UPX
- how to unpack a dll file which is UPX packed but also the headers are changed?
- what is UPX's best compression method
- Does UPX magically transform binaries from dynamically linked into statically linked libarires?
- How to split Linux (Android) ARM64 executable into small and large parts?
- Reducing executable file size with UPX in macOS
- system wide elf compression script using find, file, and upx
- Executable made with pyInstaller/UPX experiences DLL load failed: The parameter is incorrect
- Delphi debugger crash (OpenDialog + compressed exe)
- WinError 5 Access is denied when trying to include UPX dir in Pyinstaller
- pyinstaller and upx on Linux - no difference in exe size
- UPX bad image on launch and notcompressible exception
- Wrong UPX Header, Unable to Decompress with UPX
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
For correcting the headers, you need to open up the file in a hexeditor and fix the offsets in the binary manually. Then you could use the upx.exe file to decrypt as
upx -d