PROTEQ unpacker

crockysam · #1 11-14-2022, 06:27 AM

I have an exe that seems to be packed using Safenet COMPACT 500.

With x64dbg I can see it call C50032.dll which is the library for the Safenet COMPACT 500 dongle. I tried setting break points but they 'disappear' after restarting. I also see instruction codes that are not part of any module so I'm guessing those are instructions from memory.

I tried 'decompiling' the exe using retdec and it spits out "PROTEQ00" as the "Entry point section name" so I'm definitely leaning towards the exe being packed by something.

Does anyone know how to 'unpack' this so I can continue patching the exe?

BfoX · #2 11-14-2022, 12:33 PM

small hint for c50032.dll

crockysam · #3 11-24-2022, 10:20 AM

I know it's a safenet dll.
It just looks like the exe calling the dll is somehow protected/packed with some Safenet packer...

BfoX · #4 11-28-2022, 04:49 AM

This is original proteq dongle from the brazilian developer. Safenet buy it as eutron/smartkey, some chinese dongle, etc.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode