…because all the other tutorials I’ve been able to find on this subject are not so easy to read.
This is going to be a long post, but hey, at least it’ll have lots of pictures!
Alright, in this tutorial I’m going to attempt to explain how to find the OEP (Original Entry Point) of a binary executable that has been packed with the Upack/WinUpack packer. I just recently learned this myself, so please excuse any errors this tutorial might have. In this tutorial, the following tools are used:
- PEiD
- IDA-Disassembler (I used the freeware version, 4.9)
- LordPE
- ImpRec
- Windows
