Secondary Categories: 02-Malware


Description:

A packer can be used to protect reverse engineers from analyzing your portable executables. A packer is also a good way to reduce the size of the executable and provide some layers of protection to exposing the code. A good protector such as VMProtect can be used to prevent RE from analyzing payloads.

You can also create your own packer which has its benefits over using a packer like ASPack or VMProtect.

  • Only you have the packer and it only for your payload which makes it harder to analyze because its unique
  • The dveloper controls how the program restores and lauches, compression/encryption algorithms used in the packer.
  • The developer can add in their own anti reverse engineering techniques into the packer.
  • Quickly change the signature and structure when a current version is flagged as malicious or known
  • Hide useful information in your packer that could be used for analysis

Resources:

Also Check Out:

  • Placeholder