A forum for reverse engineering, OS internals and malware analysis 

Ask your beginner questions here.
 #10762  by Flamef
 Tue Jan 03, 2012 2:00 pm
So i wnated to unpack a upx pakced file.I downloaded upx from the official site,placed upx.exe and its components to C:,as well as the file i want unpack.
I open cmd and follow these steps:
cd \
upx.exe (opens the program with some instructions etc)
upx -d name.exe
Earror: UPX is not recognized as an internal or external command -.- .
Windows 7 virtal machine AKA XP mode here.
Any idea? :shock:
 #10763  by EP_X0FF
 Tue Jan 03, 2012 2:13 pm
Don't you think, this is kind of a ridiculous question?

C:\>upx.exe -d name.exe
 #10765  by Flamef
 Tue Jan 03, 2012 5:03 pm
Cool,thanks.Yes it is,but i read a tutorial on how to do this,so i thought it wasn't my fault.
It worked but the file couldn't be unpacked due to : File not found exception.
Is this caused by disability of the program to unpack it?
Peid says that it's packed with UPX1.
I also tried the ESP trick,but didn't work,the program would shutdown itself at the very first breakpoint.
 #10771  by EP_X0FF
 Tue Jan 03, 2012 6:35 pm
Out of interest, what does cmd SET command gives you as output?
 #10787  by EP_X0FF
 Wed Jan 04, 2012 1:24 pm
Maybe you attach this file? :)
 #10788  by Flamef
 Wed Jan 04, 2012 1:37 pm
It's a ransomware and i was trying to unpack it and then load it in olly.
Thanks in advance!
Attachments
pass: malware
(129.67 KiB) Downloaded 33 times
Last edited by EP_X0FF on Wed Jan 04, 2012 1:55 pm, edited 2 times in total. Reason: password added