重复问，UPX 脱壳，真的很难！！！！

taoszyz

原文件在    https://www.chinapyg.com/viewthread.php?tid=46590

我就像上贴GLTS版主所说，在PUSHAD后跑到JMP，然后单步走到下一个CALL时脱壳后，文件出错，
在IAT修复后一样出错，我采用了http://bbs.pediy.com/showthread.php?p=512832所说方法，还是不行，，
希望GLTS版主帮我做个教程，让我学习研究，或各位高手请作个IAT修复文字说明（包括加上脱壳地址），
我想研究为下什么我脱壳的原因，是脱壳出错，还是IAT修复。

我的脱壳处为
004A8286    61              popad                                            ------出壳
004A8287    8D4424 80       lea     eax, dword ptr [esp-80]
004A828B    6A 00           push    0
004A828D    39C4            cmp     esp, eax
004A828F  ^ 75 FA           jnz     short 004A828B
004A8291    83EC 80         sub     esp, -80
004A8294  - E9 D7F4F6FF     jmp     00417770   //清除之前你所下的所有断点后F4运行到此行。F8就到OEP了


f8后到

00417770    E8 C4AF0000     CALL bbx001.00422739             选用pedumper脱壳
00417775  ^ E9 79FEFFFF     JMP bbx001.004175F3
0041777A    8BFF            MOV EDI,EDI
0041777C    55              PUSH EBP
0041777D    8BEC            MOV EBP,ESP
0041777F    8BC1            MOV EAX,ECX
00417781    8B4D 08         MOV ECX,DWORD PTR SS:[EBP+8]
00417784    C700 88DA4700   MOV DWORD PTR DS:[EAX],bbx001.0047DA88
0041778A    8B09            MOV ECX,DWORD PTR DS:[ECX]
0041778C    8360 08 00      AND DWORD PTR DS:[EAX+8],0
00417790    8948 04         MOV DWORD PTR DS:[EAX+4],ECX
00417793    5D              POP EBP
00417794    C2 0800         RETN 8
00417797    8BFF            MOV EDI,EDI
00417799    55              PUSH EBP
0041779A    8BEC            MOV EBP,ESP
0041779C    53              PUSH EBX
0041779D    8B5D 08         MOV EBX,DWORD PTR SS:[EBP+8]
004177A0    56              PUSH ESI
004177A1    8BF1            MOV ESI,ECX
004177A3    C706 88DA4700   MOV DWORD PTR DS:[ESI],bbx001.0047DA88
004177A9    8B43 08         MOV EAX,DWORD PTR DS:[EBX+8]
004177AC    8946 08         MOV DWORD PTR DS:[ESI+8],EAX
004177AF    85C0            TEST EAX,EAX
004177B1    8B43 04         MOV EAX,DWORD PTR DS:[EBX+4]
004177B4    57              PUSH EDI
004177B5    74 31           JE SHORT bbx001.004177E8

ImportREC修复时
OEP ：   00017770
RVA：     691C0
尺寸：     3F064

依据是：
004691C0  7C830000  kernel32.7C830000            头
004A8224  000A9460  UNICODE "0000"               尾
用尾减头得到尺寸


希望大家多多指点，/:002 /:002

brightsm

执行到417770处，直接用OD插件DUMP，选重建方式1，dump出来不用修复。重建方式2，用ImportREC修复时
填OEP ：   00017770
自动搜索，
RVA：     0007CFFC
尺寸：     00000818
GET IAT
修复刚才duMP出来的文件，也可以。

rxzcums

还有附加数据

Luckly

1. OllyDbg 载入程序

2. Ctrl + F 键   把整个块的勾勾去掉

3. 输入popad 找下面的第一个 jmp  直接F4  F8 到达oep

dump 然后修复附加数据即可

vc2005的程序

taoszyz

谢谢各位大师指点，可能是我的修复错了，但有二楼的方法我也试了，第一种方法好像不行，

brightsm

用OD重建方式1，脱壳。
IAT不用修复。

修复附加数据：
用LOADPE查看未脱壳的文件
查看最后一个区段:原始大小：1800h 原始偏移：3F800
附加数据在最后一个区段后，所以附加数据因该是从原始文件（未脱壳）的3F800h+1800h=
41000h处到文件最末尾。用winhex打开bbx003.exe,跳转到41000h处，复制从41000h以后的数据。数据如下（用winHEX提取）：
A3484BBE986C4AA9994C530A86D6487D41553321454130362250ED6A6422E0762FAE98F7C5C7A3C76B43CA52AFAD0000E6FB2578C8E213F97D1DEDDD7100B0552DAC9AD52815D4F0CF25E4CF118E56C2CE3F70EFB9680EF80000B91A27A200A471DDBE56D8E1E6110BCC8B63369A3088B0A8762324259F2C8912A8F88EC07129119AC9F4F38A0326DBA02B3A37F7DAC676785CFAF9A531F236E880028528C39C39E644D26FA78E994CC2BAFB86409DB60D1975C51D42015E9000007F1D0000657776CA9ED0C901DE0B918B9ED0C90192D0958B6DFBFA03B38BA47ACEF7F88E35DEEA0C78D2F9B2289E553F6A9FF5ABA0249731B823B17E985C080985F8D7B6843C2E6FD7A8CC7D876BA5B52E2401D7752C70B95D32E175F2D81D3D1F679D8DFAF9933F3734B9A30CC33DEC5F92D28057F82D223FEF2EDACED86FE57BA0751064E56DA39475615A15116B291B181D60BBECAA9D5921DBF0F7C2171A42549B6D5410522744E69399EC3A4E7653DE0094B7C52BAE3F2CA7F0E86374129AA6EED8B80E40AF58CA23CD9FB44A54C33632437042C0AE7ECD8E6B0F4845879D0EBB84CE272F7EA67395F7FFB824CB3F18EA469BA5C1F044DBBDFD6804065BD596495000C2BC10860D12BD2B0316F03F1552A61A1C0B39F98D7FC79CD54C48A86F94D46C6F1CC2F89C59C299EB279380BB0BBA90A72F5214BE8937EC0C1F2FBDE90A787869B3FE6CAB282E63A835405329F3BE72CBE18ABECBB0B603AC86C0CBB8FCEBF9F2B0E901346085F889C3556D6D19E31F85F473CC1324588B8596DD28B23663E1C56B55C2F4202695A06DC5263FB71F64365E9312C22CF1E1349A5BBFA64445C6DA8B4594414998994163E1F6232EE7FA180CA9AABF871858FFCD8AAB03639D93589CFFE65032F45A5D6A5D7F05005D96CBBFA3C1AE165C2D2AE0BED03BFD972B5ACB57C62BFABFF24A50394899693C96332C5F4FB3E691955F2C4D4BBDAD2655230A8EC89E68EBB6858B90B0F3167DCBF1AD1D09B88ECFAC178F3D2C17D33D4D8408750B84264F6F94FB46B9592F427E097A02FF2E4A3E673FECBF861CB8BCEF8870891E4AD5704692EA5FFA915411A2E0F1669361E80F0210619521F33FBAB4E2A696C542B5E854E91736D9883A503FEB665BB41229657F82D0A8AADBE2E9FD906F84F8C65B1159991A73B9B49A81AFBD1932F5DEC2E4D1E47875F920EEE336CC52E708AC9849BB5EC3A90488201116F355E8D0E4CF0CD318CC22CA34F5BDBD01FF08D5DE02BBD3149650987BE1CC3D10250574D84446FD08673D1AE09C93F3B93B0624B8539E399ADE29452C01143E5A62E17BC1199E3C6747BCB37E2354B1767516B027F9A5647E213D23C615CC695BC1714955FEEEF1C650355FCC56361FAF33FC013973362B1ACF294541FD4B2CA2D76964B0CB3591F47FC193D8003F22C045D56C75E26E960B048CD8DF2E5CA3D1AD79E62AA6B72ADD38AD3E2A6E3211CFE44E4F975AA639095034AFA63842F2AA830037CD1C82E834C0B7B2F4A9D259D942C3894D97EF88C5E470FAD4A2FD99276CFEBBA960BDD5FD5AE4D3269D88F0004DFDF869606F5CF9276300E71F98E3FA7F80717EEDE6CD327EFADACC44887266B22F79B444B8791B7747C9766F13EA1BA856CC647AC78E7F88C92B2F8481482EAF1A95C35143A3F0B2D5EDA2985BFF81271ABF5F418F7EFAE0207C4EEBF2BE62D4BA5D8EBD0060E71F71453D98CEB8086640AC8C5413E7AB7B06392ABE005141D07400AF2C29B7A264A8C17716DF73FA7F5ABC6A5798D9D92176A9EE24EF2094B60FC7111D227985E2D081207A8A8401C8BCA9CAA69F59411ED67394E8FC56EDB0CC6A2962B4BB6EEAA98E1EFF667644A535607CB0DAF81D06DB4431516197B689477369180CF4CE9411E1F2F4023EEB5239680F065CD18FA94D26B9037DCE8FD06B6A5A323643C7E91AADFECBA7C80D4B602CBB5ACE3EC79479A62F10C537E1C5C3ED25DB35224BC0DB5780A608A1A4CD517CA8F71195EE77A46B1CFDE6C61F0FB79A037E7915ECC1E23103AD3C092E4C35B1F903D4D8A036B828DA0C9095C53EC1653EECFA7F7D3C1C4A0F26490DD53BBA30EB0C65594E83B9901983491E4B5C060E3A77EF91DCE9E9611E6D580532E574E0D5BCB7CC29A160870F09F4FB01EDA3B038DA59BA91FC99575E2E6A6FF40288E8C687153D6B08E43AD5A1FACE62E062CB3B0384CEA0A947FD883F56CD1A017C2D986EAACCCE807606D425E7E018FB6ABA5D985E9524BBF1E6DEA2AB55FF58183DB1D88C57DB69ACD7266805218E496EE205255EF93B40C4DCA6308357DB7A7666F4D6193CE36AC2299E4F6924D859546CBD88214463FA482051C25446EFE9C28ABFD962EC4B1DA563E0C54F085A99C5C43E70CC083EE05687975350D5B1D644EDC5D604B2E8BCFBB5AA7787A12B0A10C71056EDE8238A3AD80B83E5B280A0F6A65D536E624C543E2AE69865FFA9E94F3B6830D0B3C342B2ACA1970E3155B15EE1C95A55B753BA9719CA29B998F643AC7F98FCF338451A8A043EA417B9E73C96483D38CEB2420F08F2F53298B0BE3B5B47AD13EA06B2E8FD6B2EA8A4E39BD8205117335386008CAF75B3B6ABC11B1D8339EF918FD430317F95A01DDC5152784240B5354888A0BD411E950D91A87F1407D2E88B3FCFBDCA30AFB8E3B1045C29572C37F076004BDE6490FB237D8B22D17ACFB017DC0B55A6799BE9FAD1D637C71086E5E894E0D00440F875C2606FD60B97463AA8BB9C90A28A73BBF98C59F765D47627E6E50F92C979746625018D1C56E8C6AEB0F47C1DF692154E7A59CE0C3438**81037D4FC955C8A8DC3322F9A30610EFF7E6C76B43F68E974A020DC6DB713EFCFB970C283AE8AABEA6E02BBAC84CE2FB34472042BE1B0AB09C23C09E2F4E0061ABFC9B21560240610CB5C6E1842620BBF2A26B4CA26EB65F86998F363B0F9E6AF56607037179D43650925A7C741A744EFA2E11331B4F1EE9FB95AF8EBA2012BFF2CAA8364207ECDADD8CAC9FD87B4B10BAC936BCB14C0014FD22CFB12570ED8D49DF2E4481C43D8D9AB8874D6067130B41C44738622F89D845584E7B74AAC544CC7263C46AA79DB8B603BD9ACF2398DC594610BEF6B73DB374E81014D68FCAF7357CE5373DC0146BEFF989BFCA416648E73526D4C78B34CC2A1D960180516BE9732CE0820D5DB9B3E3E86A6C54D12EFFBC63E5715436177A7C318E84534C5AB4519CB5CFD0E5605ECDA0D14D981D7FBED0ACDB5798FF6E53CA0640EA5830CF6C5853EDD0B58DA262CC45204CE6548B405739FDDE4C59C2A18A3113B8F91AFD4EE218798D6793E72F037073F483DE0FD15BCF25E7655B6E6F21CBF5A748676D7BD1F088B8BF0991446BBEECA1AFC048B9BE7847B34DF4FB2C9448F238ECE034B5160B5C5905117A1BD391541866765E502E006D37C402CCCC1969A252C0760BE29FE23FE13E07AF9829C25D1B19B1A13030C3AF2857185B6973DF1EDC8BFCC853F27772E718AAB4B26E14C9D3A04042E189D30C156AD6802F4D3F3707AA795231B5B7A81E1A54D01791EF48208C839F38E2AB99C09DA446F58CDAFBFADB05E93F2821BF00D262A89AB5AFC2E0E989783ACB10E235EB1C242E0965A211906AC9B81525754EAFF6D6AC211DC792922CC9DBB7E447310D607902833A5B159B37D6ACCD8FEE902F3A3CBCF47EADBE5DE3FE283EE7CD18903F1DF91FEEBE795DF9A79C21239104FA630DBFBAB685A45FFBEE71386106C519DC513CDE18D74AC5118874342C79200C93DE52ED647BAFF9F13AB08934B4DDF0661AEDA66BB5C6ABD378EF49E69F95D44460854BE1F670EF0AF642117CF031BDCF1304CEAEE04A31C8B6D425703C77939035DAFCA2E9332A0946C6D449E98E51280CA6181B00A7DA53476FA9F86E24FFAB2792D052C342ABDF9B76141B414896E94437D5261AA11B1F91CE96AA127431C0CC550446E23A039A2C612E07C43117CB7D791E2D118A24614FF08F05EE21AEFFED7B94DC88858C17DF25403374A8185C056C4464CB3215971FF50723A591A2E1835F5408FC75E744635FBB191AF3166DE3FA13EFEC4D7FD80DC00871FFDF651EC6FFCE62DB210A27CF9682FA2A91698D18A2A5915783FFCC47BFD93A4ECB9D3C826122675FC31DBD9119C0D35621A27D5511F0A0697C4F9332D2DD3EE50BC2F6F5D194FCA8BCAEAF9ED0045F3CFE17C271DAB7645967C0EF9EBD68E4283C585AD3920EDB436640E4A13F04C6323D3BC33968365530DEF74F17E3230D1F0394526F6604690B7BCAA344A935634851DCEAC4DE2EA131A948DA0B44E0C335B8A1837F2905C02511528BD24CD31A2B6A42DF02E9F45CAC5529F4A4F545689557A9BB9CE616F974766B6A3BB427B7C610728D2A212A8F4B452B83118C1C9FD0EE136626378873A0E27AF4FD43B4FAEA91FD5DFC7CE84ACF716DDC1A9D434305D754FB69AED4C8A2E43BF37D0ED88D0FA64E479217F8466A78226E741B14B52D2652146C3C46D36536A83288169D71C6C2616D18A078943A43148774D2D492ED7DD86A65F41E8BB05E41693496EC74D43C1874C62DB3442BE64CEC149BD1D4A56AEB6EBA4D6C5F120F61B369E44F2A8A5915C666777C5BA3B2370E907D97E1712E07A9068ADD5BF9483D8A4945FB59E72268412F7931245040146F8D592FB8154E898D99082D5D94755D643C8E50D9B99DF9567A02119EAEDE49FCFBBD2C463240DDA17AE260E218CA012D4FEDAC4AC8987CD4022154A54B50C079BC1DC5DD9F7EF5AADAC490A85BB4C45737B01AEACEDB2EF85ED102790EC30225454549A29B0328E484693CB65F99C73B33B3D97AC142A62CC9B37882649C106DACDBBCB489F9EE37069EBC93DD657E3842606ED458C6B7827552F58893526482458E53C386E02AEF2634BD13E4A01D23ED2A434632424B5C4240AA9B302458BA79DB515F64565DE968C15007603A549C3EFFE5E69331A3DCA16EE7E1A0E7A8F70A1910F7A04483E533EE5E90F3CE63962B42708492B087C9B5CDD621D8114FB0E0EE5311E62ED4AB0D7C8A53384189ED1BDC8899F2C76DABB5225C685FE014107B9C331E966097B39DC635ADFDAE241D53DA1E2F36CB7B4C9D81B24E4CD52EA64D0DF4A891ADA531C4D1D2348B76918EC9D99AE7E6F58893F2DB87DE4A21B42F4D49A3D97F240A16FF01D5516B0DDD76AA710002091B4CCFD67FED82FB8E3A140E654526557F259A4EAB59E326FAA57A993A0055046B77A67B4A8A61D5C736052D33F47776D40D6261B1C373E496554D1C293243024F84538B2317F71600F25CE967A9B093D7C13CAF9E364A538E2DA46369EA77AF36B8F255CC0CEE17C6C0D47BC2F2A293786C817F0E64140519850821F76E6FD7C4F4AD8B1F8BA8CB136ADC1616C02D2876968B648694F774C1DA20BAC141CB62D14A3ACC4FF813C09E003E3F1D23E9E6B2646D0FD2D839FE03F85CF6D2C0718CC4D222CFEB6B355EC1FF604621837DDDB67C358FA06B61A4F3A9850AAD80217581832DE50CCC3CC3DBCFF31C06E0D5BF727F8B48DCDDFA2A932C21CDF85303C98A54414CBC855A50ABCC701FBAB389883BC809E84960FB55C1CA5F1D47C2E765ABAC80C6175ABCA31D6DCAE92C701EE285D338A03FFE910DD7DE212585DF3FDC72FAEAB3CC9A11F49EDEDD9940DF462466F609B11B2AE67158722BA7CA5A711C6F2699C492BFFA3AEA97183383C8E32EF77CB20DBF75860D996470E20B6C6E73EE05593E45A14BA8797AAFD1F078A249EAC50594F877C846F413AAC69F32F6B5EA046A556EB8EAA8E65446551C324A1F266D8ABF496FCE2435B798BA1E5650AD6C6DF6953A405CC7AAD3DD628D5644D20E6D03D1ED3D797B3384EA318548BE40FD82B978371C1E8576461AD5C43B60C91225C43C69130B057A416AEF6006F555633CD3117200A7F53665D8BF1B34E870ED7490897A3479041E3CDA2AB14464B93DBF3DE8B41F6DBDCDEB12998B3A00DCC3A1265811164C5730C75880D83328B409EE3E0ABDCD65B3D710258F0B0DDD2DB8779F6BA336D1E0A6F389876A567ABAAB83CFB7911443C8E76F4B48381261BC47788354D3E2B115941BFDE3F39310B2E7A25CB7F95AE56C72340CA49429CEE89410277C4D89452EAF0F80DA459AC54FC4988CAA856DFF6AA125ADCEA220E317633D32A7B7C732FA4138907A0BC5CB02F6D995EECDB5F5008EA84E2909991CEE025082A17032CA937BFB2F5756EF7065568DA9D033C669EBD669DF3983341CFC60E9B5A6289F06600B2883C79C42CC830B760877E380AF40C4B97361FDCE6239D70D63E7CEDF10F8A6A60320E0FED2C021BA5731D26D0363BD6DDCCB9D18FD1902067581245283C83B50CD064317DE1DCE0893B859F035839FBBFA42C9E9289AC435082F563809D95889D2233344AA3DE79757AB67F345E347A157AC25F092AB7670ABDE30C02143823F841E50F779709DB142E6592ABC74F40D00B7AC4AFF2C75C2D9A4349FF50CB302C045D2ADCF41B005FE44417CCB267278A2D030822BB7372BA220D27610AE5C02F737909219D8A7ABD6B258D7E2A8DEE509F8732180B2D8B785FFDE77D0AF735D4B1536D62572929882125FA5A760765F2DD777EB1968C6FF5820AFB6FB970F9EED97312E6587166A4B46996C57C176F49743AB0F6ACF95BEFE70477094FF77AAC3C7D79845B7D31659B1B2F0D09C9080737E5721750B113A4ED628E829413DB4367F0EF9DA2909A8F0E1990E743F1CB18582196999F6DA6DAFDEB508D319B2009A9B9033AADBDA6ECACB40B4589DBEC4329D111C39D82AF6108A1BDBDD645E78C85FDDBDDCA11D736A832E1AB2D843DDAB2D9717D4ED4004C222BD1F08999D4B3E8BEE566AA038701F843BB6E7E76C1DDE5DDFD791CA62B1A7DAF5B5EE4C069CB5AA6BAA21B832E564289584D79C7109AB97FB28946DFDEDD3AA5CBC5811761EA03FB9DEB9671CAA15127BAF2EDEE8F074230BBE13613563F060390342FA8A0F00BE9EEF3FB3226292EAF78A8ACCA251D6B02B4E95DB28BD10202A7744A3D89C12612ABA09686BE70150F72DA8B04DFC96B0C914065728C92E5D1516C5313737F99C77A2F0894400D60A01BCB7AF7B9F9DF9B651BE5EDE1481F99C98BAD0E9590ACF92640FF7B43DA799ED50078AEF2C0601040AB519012E79F754017883D9C92E9CCC22E016FF707E1784520B14B09971CD594D0E701C67DC02423E7F078CCF80195136CB0F2A968AAB9F54989C778578BA6148FDCCB2271E5B9EAECC99296911D8AD266BEA4038D0F792FDE0D4B37A88DBC9BD5049D0F2879D0CB75B239DDD1564BB7FAC9A366C213E361A20CD7A25A875DD3D2F13E2B23C5EACBC0CDA2A5774E1F1D645D3137868E3814692BD2D053F934115DCCB9BFB21D11F2DFCE867BDCACA52EBEBE046AFF5C00D062F670FB1C07553A5CCDEB2851ABBB25962A41DA43918D9828ED2DFCFED064AEE49FA68CF247955443D60C78D5083A92FEDC0A8A9BE6D9E1F05D957F6F0D168280F4196D88D5E3FD191499FFB54B0869BA2C80DB406327DF3BCBDD874DB17951BBD2DFBA48C77247BC81E4CF3447413B4AEA8FE886C31B620ECBCB8D1BF5E6C9B051996B80520BA80132E543D6ECB5F68C714EA0EB2B797519333A7773DA39B2DDB458518A97B490E9C496F90EF4D80F226B062C2D4E64FBD9F2DDA04FFDAD6F38092445BCCE8F7A67B3BC1BC52DDF3CF8A73DFE65D9C0938C5CFAD9A07708A19F428049CB19B6286795E9581F9220A6D00FD7BE9AE24ACADA3614EA1A419C2FD77FEF59E3288967ABD479B63089C166B35F4D45D55DA4CD20BF39EEC52B47C131190F85883277C86C3882C98FF6DFF82C60F140CF191523E97A4C435986A1AB45064BE0581459F4A75931DF93E43ADD8531B37206FB652607056CA638F80D30568CF7CE4046D68D897A76C69A05109FF42CFB2F0BB6EA9E4265D6E990024094C7B5B0AEB51AF1A2E2034DE27F63915A8F63C3AB715EBC26D6B37F7DDE61F3741C1DEF195572D65EE7038EB637F0A3BEED6C2B747F7E2217DF1601B1A8E0EB3BEA2D0A6EBA36EE851F3A50BEF5F387145E0A26E486E3A285E1555C89BE496CBA0C47EEBB1C050C2A19F42E8BB575D7B87FA284C173512E5CF5281E8742CCC153092DF06F207C816FFC3C66B7EE0BE6688561E71BBCFEA23B96D395448C2601BF0B97C2480AC1EEFA498E53EA45956FEB6381BCF584499DDA16990B48FCF93C22F9ABE584736910D01A8BC8E564D0F6F6A0C1D4941AC626DC7EA7DACA74761F084E83ED78B4AF19D0CF7252850656549DB5C19EB93406D4686513D2E63190D9D722D9FABF46E394FFA24D3F6F8AD80A01B47EE60B28ECFD9DEAD355DD5F7439D9124329960FC33D8EFE9EC0C6CA1672AC978CBD8356510239DF3F9E9BA6998B1A51C910D39E72474C6C3791D75CBAE7D12A5AFE517D55D8FAAD963A830F9732D7F0D05761B072ED5B3331A9CB3C46E24A0016F13EA4A0C2E39F884A0B0D6762758C063B899D8D6745BBEAF734D6A50E6AD8957642A61A05AC5151268887007505207EF713DEF47727A865A5173D4A7A1676ECF8263503EF4889DC835F7E3F901AB4CBF3C4BE9873CEBCB937006C8330E94EFE57B057866C143FDE4E6DCB637EB6FF4351F26B03A30832A92EA35CC2E5DE462A824C74C85EA2E97CE4E226DD319B01B8DF42C7688CC9D041DDFF267066EFD7B4F16D2D93B17AB25D3CA594D158C30C952C4F66AE4F447F03477B7F82B31C893808E5887AD8AA15F95BE7402876A7E0F64291D5A1CBD4DE11CB66889E1561A8256488BF039729CDC57EA9248864CB05D452BEB7198FDA48E7BB0D5F946ACD0B8134E25045AF90B53793AE6238BE97D939777B5E89D9E566C4457499A30D4DC1BE54D39369746DE796467CCA61A4F80A6C8930CD81BA04155332145413036

用winHEX打开OD脱壳的文件，将光标跳到文件最后，将上述复制的数据粘贴到文件末尾，存盘即可。

cnywco

LS的厉害,,,,为什么不用OVERLAY工具啊