/*

SLVc0deProtector 0.61 OEP Finder

Made by: GaBoR {RES}

*/

gpa "OutputDebugStringA", "kernel32.dll" 

bphws $RESULT,"x"

run

bphwc $RESULT

rtu

sto

rtu

find eip,#4F6C6C79#		//searching for string:"Olly"

find $RESULT,#4F6C6C79#		//search again, because the first one was "Ollydbg.exe"

fill $RESULT,4,47	//replace found string with "GGGG"

findop eip,#F3A4#

bphws $RESULT,"x"	//an intermediate breakpoint to let the protector decompress itself

run

bphwc $RESULT

find eip,#5858FFE0#		//search for pop eax,pop eax,jmp eax(this will jump to the OEP)

bphws $RESULT,"x"

run

bphwc $RESULT

sto

sto

sto

cmt eip,"OEP found by GaBoR {RES}"

msg "Dump the process with Imprec,fix the IAT & fix header!"

ret