Secondary Categories: 02-Malware
Description:
A packer can be used to protect reverse engineers from analyzing your portable executables. A packer is also a good way to reduce the size of the executable and provide some layers of protection to exposing the code. A good protector such as VMProtect can be used to prevent RE from analyzing payloads.
You can also create your own packer which has its benefits over using a packer like ASPack or VMProtect.
- Only you have the packer and it only for your payload which makes it harder to analyze because its unique
- The dveloper controls how the program restores and lauches, compression/encryption algorithms used in the packer.
- The developer can add in their own anti reverse engineering techniques into the packer.
- Quickly change the signature and structure when a current version is flagged as malicious or known
- Hide useful information in your packer that could be used for analysis
Resources:
Title | URL |
---|---|
Creating your own packer | https://www.codeproject.com/Articles/5317556/Creating-Your-Very-Own-x64-PE-Packer-Protector-fro |
Also Check Out:
- Placeholder