Buggers v.5 CrackMe

Note

This is my first writeup so it may be a bit confusing to understand and I apologize for that.

Initial View

First I checked whether the executable is 64-bit or 32-bit, and confirmed it's a 32-bit PE (Portable Executable) using the tool Detect It Easy.

Figure 1: Architecture Detection

I then opened the buggers.exe file and it did nothing. I wondered why, and this is where I had to use my reversing skills to decode the behaviour.
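The architecture check above comes down to two fields in the PE headers: the COFF Machine value and the optional-header magic. The following is an added example, not part of the original writeup and not Detect It Easy's code; the function names and the header bytes built by `build_sample` are constructed for illustration.

```python
import struct

MACHINE = {0x014C: "x86", 0x8664: "x64", 0xAA64: "ARM64"}
OPT_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}

def pe_architecture(data: bytes) -> tuple:
    """Return (machine, optional-header format) read from PE header bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ (DOS) header")
    # e_lfanew at offset 0x3C holds the file offset of the "PE\0\0" signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Need: signature (4) + COFF file header (20) + optional-header magic (2).
    if e_lfanew + 26 > len(data):
        raise ValueError("e_lfanew points outside the data")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    (size_opt,) = struct.unpack_from("<H", data, e_lfanew + 20)
    if size_opt < 2:
        raise ValueError("no optional header (object file, not an image)")
    # The optional header starts right after the 20-byte COFF header.
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)
    return (MACHINE.get(machine, hex(machine)), OPT_MAGIC.get(magic, hex(magic)))

def build_sample(machine: int, magic: int) -> bytes:
    """Constructed, truncated header bytes for testing (not a loadable executable)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)           # PE header directly after DOS header
    size_opt = 0xE0 if magic == 0x10B else 0xF0      # usual PE32 / PE32+ sizes
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (EXECUTABLE_IMAGE)
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, size_opt, 0x0002)
    return bytes(dos) + b"PE\0\0" + coff + struct.pack("<H", magic)

if __name__ == "__main__":
    print(pe_architecture(build_sample(0x014C, 0x10B)))
```

To check a real file, pass the first few hundred bytes read from it in binary mode to `pe_architecture`.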

Detailed View

I fired up x32dbg and opened buggers.exe in it.

Figure 2: x32dbg

Now head over to the entry point of the program using Run To User Code from the toolbar.

The first thing I noticed was a call to GetProcAddress, which returns the address of the specified exported dynamic-link library (DLL) function.

FARPROC GetProcAddress(
  [in] HMODULE hModule,		//handle to DLL Module
  [in] LPCSTR  lpProcName	//name of function
);

Figure 2: GetProcAddress()

This post is licensed under CC BY 4.0 by the author.