i browsed through the ColdZero.exe and found something
interesting. the executable is protected by SecuROM but
it must be packed / encrypted with another tool.
there is a section called "chirpy".
anybody know wich packer / encrypter was used ???
here is the PE-Header:
----------------------
MZ......................
@.......................
.....................!..
L.!This program cannot b
e run in DOS mode....$..
....&..^b...b...b.......
a.......h.......D.......
....b...j.......`.......
l.......f.......c...b...
........a...6...S.......
c...Richb...........PE..
L...A..=..............SR
..............0.. 0.. 2.
..@.....................
......N.................
........................
.....q2.P.... H.........
........................
........................
..................... 2.
........................
.....text....p..........
................ ..
`.rdata..^^............. -> RData
............@
[email protected]...
<.......................
[email protected].........$. -> ntsc (?)
.................... ..`
.chirpy.......(......... -> chirpy section ???
[email protected].. -> idata
.3..../.................
....@
[email protected]....... 0.-> text
.................... ..`
.data1....... 2..`... .. -> data
[email protected].. -> pdata
..... 4.................
[email protected] -> Ressource section
please no newbie posts about this,
i need help from people who are skilled...