1. if you can attach ollydbg at some point to the game (even protection against attaching is hackable) you can simply dump the UNPACKED memory back into PE format (it has some plugins for this)
2. I cant remember where I have seen it, but there are profiling programs that can trace in what order what memory location is accessed and by making a nice graph out of it, you see where heavy used functions are, or if its "unpacking" something (from files f.e.)
3. any executable has to use some system APIs to do stuff on your pc, so a good idea is usually to start hook/detour them and have some "debug points", like f.e. file access, networking, stringhandling, etc
4. finding cryptoalgorithm and libs that are used for that usually have functions that can be hooked to get data BEFORE its encrypted
5.dunno, theres more, but its 4 in the morning, brain goes...
greetz WV
