ﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄ
RCC - ROSE COM Crypter
ﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄ

An other cryptor for COM files? No! RCC is (in my eyes) one of the most
advanced COM Crypters yet - especially RCC/Mild. Why? Because RCC/Mild
generates VERY short decryptors with a lot of antidebug features!

RC/Mild was written because I want to have an own _small_ protector for my
small intro files.


Some Highlights:

Both versions
        Encrypts the host - so strong that you cann't
                            compress it afterwards!
        Polymorph encrypted decryptor using a mutation engine
        Antidebugger tricks
        Generic unpacker tricks (CUP, UNP, TSUP, UUP...)
        Anti Tron -p 1.20/-u 1.30 unpacker tricks!
        Anti CUP/386 /1-/7 unpacker tricks
        Variable decryptor length
        Fake jump and instructions to fool anti virus programs
        Fake jump to fool CUP 386/3.2, 3.3
        Anti TEU, UPC & Intruder code
        Original entry point data is double encrypted

'Hard'-Module
        More antidebugger tricks
        Anti load tricks (Anti Intruder/SnapShot code)
        Anti UPC/XPack code

-=[ Decryptor ]=-----------------------------------------------------------
Length (approx.)

1.09
        Mild:   179-240 bytes
        Hard:   680-740 bytes
1.10
        1.09 + 15 bytes

1.11    Mild:  approx 300 bytes
        Hard:  approx 600 bytes

1.12    approx 5-10 bytes shorter than 1.11

ﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄ

Hi Dudes,

try to protect a COM file with RC-II and THEN try to debug it or hack it!
Well I know it's easy to do a runtime unpacking to ANY COM file.  But I
want you that you check it out with Soft-ICE, AutoHack, Intruder and such
crap. EVERY normal hacker should be able to unpack RC protected files - if
not: Give up and play DOOM instead!  :)

ﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄﾄ

History
~~~~~~~

New with 1.08 - there are two versions of RC/286:

 - a smaller one, called mild (decryptor about 400 bytes)
 - a bigger one, called hard (decryptor about 1000 bytes)

New with 1.10:    31-July-96

 - added code to disable 386 hardware break points on exec/write 100h
   works with CUP 386 <eg>
 - Rand0m/Ka0t: Did your unpacker still work?
 - Ghostbuster: Did your unRCC still work? Send me a copy... :-))

New with 1.10b:   01-Aug-96

 - fixed sp=0fffdh bug (thx 2 ghostbuster)
 - fixed fake 100h routine (thx 2 rand0m/ka0t)

New with 1.11:   25-Oct-96

 - Total rewritten startup code of protected files.
 - Rewritten 100h simulation.
 - Removed anti intruder code, added anti UPC/XPack code

New with 1.12:   02-Jan-97

 - Bugfix (stack and other things)
 - Additional fake code for generic unpackers like CUP 3.2

New with 1.13:   01-Aug-97

 - Fixed the color routine to work under Windows NT
 - The last 6 months allmost every macro I use have changed
 - Added anti TEU and anti CUP 3.3 macros

New with 1.14:   03-May-98

 - uses now the inline memory encryption from HackStop, thus achiving
   a double enryption of some parts.


keep on c0ding,

        Ralph


Take a look at ROSEBBS.TXT for my address!