//code by skylly
//for polycrypt pe 2.1.5
msg "쳣 hideodhidentbit"
gpa "GetModuleHandleA", "kernel32.dll"
cmp $RESULT,0
je err
var GMA
mov GMA,$RESULT

sto
sto
//һν

find eip,#E2EEC3#
cmp $RESULT,0
je err
add $RESULT,2
bp $RESULT
esto
bc $RESULT
sti      //ڶν

find eip,#E8????????90#
cmp $RESULT,0
je err
add $RESULT,5
go $RESULT       //ν

find eip,#C3CC8D85#
cmp $RESULT,0
je err
inc $RESULT    
mov [$RESULT],#90#  //ȥ쳣

find eip,#66C74206FFFF#  //peͷд
cmp $RESULT,0
je err 
mov [$RESULT],#90909090909090909090909090909090909090909090909090909090909090909090#

find eip,#B0FFF3AA#
cmp $RESULT,0
je err 
add $RESULT,2
mov [$RESULT],#9090#      //Ȼ

find eip,#6A006A006A046A006A006800000080#
cmp $RESULT,0  //ƿcreatefile
je err 
mov [$RESULT],#EB19#

bp GMA
esto
esto
bc GMA
rtu

//ʼ
repl eip,#CC#,#90#,100     //ȥ쳣

find eip,#80BD????????01755E#
cmp $RESULT,0
je err
add $RESULT,7
mov [$RESULT],#EB#     //magic jmp

find eip,#5D9D6168????????C3#      //oep: push oep;retn;
cmp $RESULT,0
je err
add $RESULT,8
bp $RESULT
esto
bc $RESULT
sti

OEP:
cmt eip,"OEP"

ret
err:
msg "error"
ret