If we try to run the program with OllyDbg debugger, we can quickly seethat our program crackme.exe is encoded. We can see the warningmessage that Ollydbg presented in the picture below:
So the first thing to do is to download a program that is able todetect most commonly used packers or encryptors, the PEiD tool. Afteropening our crackme.exe program with PEid, we can see what the picturebelow presents:
The new unpacked executable file is named main.exe and is put intothe same directory as crackme.exe. If we run OllyDbg with our newmain.exe, the Olly doesn't complain anymore and starts normally.
In this part of the tutorial we've looked at the unpacking process ofthe crackme.exe program. In the next tutorials we'll try to analyze thefirst challenge, where we need to enter the right Name and Key 1 value.