Manual unpacking of UPX 3.04

I will use this post to demonstrate how to manually unpack a program that was packed with the UPX 3.04 packer, using OllyDbg. The packed executable can be downloaded from the LINK. It is a very simple program that only shows a message box with some text in it.

Packers

Packers are programs that take an executable file as input and produce a new executable file as output. The new executable contains the original executable as data, plus an unpacking stub which is called by the OS. Malware authors use packers because they help malware hide from antivirus software, complicate malware analysis and shrink the size of a malicious executable.

When dealing with a packed program, the unpacking stub is loaded by the OS, and then the unpacking stub loads the original program. The unpacking stub is often small and it can be viewed by the malware analyst. Understanding how the unpacking stub operates is very important to unpacking the original executable. The unpacking stub pe...
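The layout described above (the original program stored as data beside a stub that the OS runs first) leaves traces in the PE section table, which an analyst can check before opening a debugger. The following Python sketch is an added example, not code from the original post: it reads the PE headers and reports indicators typical of a UPX-packed file, relying on UPX's default section names UPX0 and UPX1. The function names are this example's own, and the two sample headers are constructed so it runs offline.

```python
import struct

def parse_pe(data):
    """Return (entry_point_rva, [(name, vsize, vaddr, raw_size), ...])."""
    pe_off, = struct.unpack_from("<I", data, 0x3C)        # e_lfanew
    if data[:2] != b"MZ" or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    n_sections, = struct.unpack_from("<H", data, pe_off + 6)
    opt_size, = struct.unpack_from("<H", data, pe_off + 20)
    opt_off = pe_off + 24                                 # optional header start
    entry_rva, = struct.unpack_from("<I", data, opt_off + 16)
    sections = []
    for i in range(n_sections):                           # 40-byte section headers
        raw = struct.unpack_from("<8sIII", data, opt_off + opt_size + 40 * i)
        sections.append((raw[0].rstrip(b"\0").decode("ascii", "replace"),) + raw[1:])
    return entry_rva, sections

def packing_indicators(data):
    """Heuristics only: each one can also occur in an unpacked file."""
    entry_rva, sections = parse_pe(data)
    found = []
    for i, (name, vsize, vaddr, raw_size) in enumerate(sections):
        if name.startswith("UPX"):
            found.append(f"section named {name}")
        if raw_size == 0 and vsize > 0:    # filled in at run time by the stub
            found.append(f"{name}: empty on disk, {vsize:#x} bytes in memory")
        if i > 0 and vaddr <= entry_rva < vaddr + vsize:
            found.append(f"entry point {entry_rva:#x} is in {name}")
    return found

def build_sample(entry_rva, sections):
    """Constructed input: PE headers only, no code or data."""
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                 # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)            # AddressOfEntryPoint
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, 0, 0, 0, 0, 0, 0)
                     for n, vs, va, rs in sections)
    return b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"PE\0\0" + coff + bytes(opt) + table

PACKED = build_sample(0x7A50, [(b"UPX0", 0x6000, 0x1000, 0),
                               (b"UPX1", 0x1000, 0x7000, 0x800),
                               (b".rsrc", 0x1000, 0x8000, 0x400)])
PLAIN = build_sample(0x1200, [(b".text", 0x1000, 0x1000, 0x1000),
                              (b".data", 0x1000, 0x2000, 0x200)])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED), ("plain", PLAIN)):
        print(label, packing_indicators(blob) or "no indicators")
```

To check a real file, pass its bytes to `packing_indicators`; only the headers are read, so the sample is never executed.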