ÚËÍÍÍË¿ÚËÍÍËÄ¿ÚË Ë¿ ÍÍÍÍ» ÉÍÍÍ» ÉÍÍÍ ÀÊÍÍÍË¿³º È˳³º º º³ Í͹ ÌÍÍ͹ ÌÍÍÍ» ÀÊÍÍÍÊÙÀÊÍÍÍÊÙÀÊÍÊÍÊÙ ÍÍÍͼ ÈÍÍͼ ÈÍÍͼ -/ Shadow Com Cryptor v.1.80 /- 1.intro SDW386 is a freeware simplest com file encryptor, with polymorphic functions, lame and poor antidebug code against automatic unpackers like UNP, CUP386, AutoHack or similar and some com dumpers, based on check 100h, like DECAY and DumpCom. SDW386 provided "as-is" without warranty of any kind! IF (you disagree) THEN (you know ;-) REMEMBER! encryptors/protectors/guards cannot stop advanced cracker. Only FreeWare program stop it. Maybe. You may use SDW386 freely, no lamers see your copyrights in crypted files. If you wanna see in crypted files your name, like: [Registered to: KewlBeerDrinker] send me bottle of your favorite beer :-) and get unique version (i promise:) registered on your name. If you send me twenty bottles of beer, you may get full commented source of last version SDW386. 2.features positive: - some antidebug/antidumping code. - unlimited com size. - convert EXE files to COM and encrypt it. - tested under MSD0S 7.0-6.22, PCDOS 7.0, (EMM386, QEMM 8.1, himem). Win95, Win95-OSR2, WinNT 4.0 Server and Workstation. - freeware. ;-) negative: - cannot handle PE/NE/LE/LX/W3 executables. - cannot handle EXE files bigger 64Kb (maybe in next versions?). - antidebug code is very simple, crypted files easy to unpack. - not create backup files. if you want backup, do it with your own. 3.usage SDW386.COM [switches] filename.com - file to encrypt. switches: /s - small, low polymorphic decryptor, easy to trace. /l - large, highly polymorphic decryptor. /r - random decoding decryptor method. /b - blind mode. copyrights not added to crypted file. /c - only convert exe-to-com. not encrypt. /v - documentation viewer. 4.techInfo - SDW386 use for polymorphism ûiCE 0.5 (ûirogen Irregular Code Engine) created by ûirogen/[NuKE]. - Decryptor, attached to protected files, have length 1.0 Kb - 2.0 Kb. - Optionally SDW386 use for encryption Random encryption synthezator (RES) by SSR, who created decryptor "on the fly", using random decryption command. If decryptor decrypt code not correct - creating new decryptors and crypted code decrypt again and again. - SDW386 cannot stop TEU, E-Dump, Soft-Ice, TR and other advanced debuggers and dumpers. TEU unpack files, compiled on high level languages. - For protect against TEU, you need modify startup code of your file and/or use tight commercial protectors like HackStop or other ... - Against E-Dump noone know universal detection method ... - Himself SDW386 and protected files required 386+ to run. 5.thanks in random order: Many thanks for my wife Svetlana (Tiny Light) for moral support ;-) Stonehead - your help immeasurable ... very much thanks ... SuddenDischarge - nice filebase, good idea to greate pages, contain all versions packers/cryptors/unpackers Cristoph Gabler - insider.faq very informative ... big thanks for your unpack sdw386 script, unsdw386 and antiTR routines. ûirogen - good mutation engine. MaX/MoVSD - ATEU 1.2 sources very help me. Cicatrix - very informative VDAT. but (imho) need links, where may get files. VAG - thanks for your version of DeGlucker 0.05, deSDW and many other nice things. Tailgunner - thanks for commented source. -ùJibsù- - big thanks for exe-to-com converter source. all ExE-Li$t members ... all who want it :-) Yesterday i download DeGlucker 0.5 by VAG and OlegPro ... GREAT WORK! i will be trace probally all protectors! 6.history 1.0 - original Tailgunner's version 1.1-1.3 - my first experiments :-) lost after crash harddisk. 1.4a-1.4d - add some antidebug code, add encryption decryptor. 1.5 - improve ûiCE 0.4 polymorphism, remove old encryption decryptor. 1.5a-1.5? - internal versions. experiments with some mutation engines (TPE, EVOL, $UPD, RHINCE, SMEG, MutaGen and other). 1.6-1.77 - add and rearrange antidebug/antidumping code ... 1.78 - add random decrypt layer (optional), implement documentation viewer from MESS 1.30. 1.79 - remove 386 CPU check, add and replace some antidebug code some experiments with $UPD engine. 1.79b - bugfix(?) version. fix logo, replace $UPD to SMEG, add polymorphic first jump ... NOT RELEASED. 1.80 - "release" after half year "do nothings" ... i very lazy ... return back to ViCE 0.5, antidebug code not change. change first polymorphic jump like rscc. (hi,ROSE!:) add exe-to-com converter by Jibs. 0.about MANtiC0RE // Tyumen, Russia E-Mail : manticore@mail.com FidoNet: 2:5077/60@Fido.Net EOF? where? :)