
Pre-requisites

I'm not an expert on packers, so don't take this as the definitive gospel; I've probably only studied 5-10
examples at the most, just to ensure I could unpack them if need be (excluding the HASP envelope).
Here's a checklist you ought to run through before considering unpacking.

i) Knowledge of the PE file format (used by all Win32 OSes) is essential. Microsoft's site provides some
general information; I recommend these 2 articles (45k); the one by Randy Kath is the Microsoft
approved text. The omnipresent Matt Pietrek has also written some good articles (not least his book);
for a limited time only you can get your very own OCR'd copy of Windows System Programming Secrets
at NeuRaL_NoiSE's site.

ii) Knowledge of SEH (Structured Exception Handling) is required; read this article by Jeremy Gordon and
download the example file except32.zip. Have a look, too, at these brief SEH notes (22k).

iii) A Win32 API guide; read specifically: CreateProcess, GetCurrentProcessId, GetModuleHandleA,
GetProcAddress, OpenProcess, ReadProcessMemory, VirtualAlloc, VirtualFree, WriteProcessMemory.

iv) A good debugger: SoftICE or TRW, or in extreme cases Turbo Debug.

v) A PE dump utility. Borland's TDUMP or Matt Pietrek's PEDump are recommended; even QuickView,
included with Windows, can be adequate.

vi) A hex editor with good cut/copy & paste facilities; I like UltraEdit, but Hex Workshop or Hiew will also
do. You'll also require a memory dumping tool (IceDump or SoftDump).
