//////////////////////////////////////////////////////////////////////////////////////////

//  

//  AverCryptor 1.0 OEP Finder

//  Coded by: 0x87k/ICU

//  Special greetz fly out to: TEAM ICU,SnD,TSRh,{RES},ARTeam,REVENGE,my friends

//  Data: 31.08.2007

//  Test: WinXP SP2, OllyDbg V1.10, ODbgScript V1.64.3, OllyDump

//  Contact: oxy87k@gmail.com

//

//////////////////////////////////////////////////////////////////////////////////////////



//.v4r

var bk



//.c0de

_start:

	sto			// step over

	bphws esp,"r"		// set hardware breakpoint on ESP value

	mov bk, esp

	run			// run appz

	cob			// wait until break

	sto			// step over

	log eip

	an eip			// Analysis

   	cmt eip, "This is the OEP! Found by 0x87k/ICU"

   	msg "File was dumped, now you have to fix the IAT! Regards!"

	dpe "dumped.exe", eip

	bphwc bk		// clean the breakpoint

   	ret