Obfuscation takes code and basically makes it unreadable without destroying its intended functionality. This technique is used to delay detection and/or to make reverse engineering difficult. Obfuscation does have a legitimate purpose. It can be used to protect intellectual property or other sensitive code.

A packer is a tool that modifies the formatting of code by compressing or encrypting the data. Though often used to delay the detection of malicious code, there is still legitimate use for packing. Some legitimate use includes protecting intellectual property or other sensitive data from being copied.

A stub is a small portion of code that contains the decryption or decompression agent used to decrypt the packed file.

- The original code is uploaded into the packer tool and goes through the packer process to compress or encrypt the data.
- The original portable executable header (PE header, which consists of executable image and object files) and original code are compressed or encrypted and stored in the packed section of the new executable.
- Decompression stub - used to unpack the code.
- During the packing process, the original entry point is relocated/obfuscated in the packed section. This is important for anyone trying to analyze the code.
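The layout described above (compressed or encrypted data in one section, a stub holding the entry point in another) is what static triage looks for. The following is an added example, not code from the original page: it reads the PE section table, measures the entropy of each section and reports which section holds the entry point. The two sample images, their section names and the 7.0 bits/byte threshold are assumptions constructed for the illustration.

```python
import hashlib, math, struct

def entropy(data):
    """Shannon entropy in bits per byte (0 = constant, 8 = uniformly random)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in map(data.count, set(data))) if n else 0.0

def analyze(pe):
    """Return (name, entropy, holds_entry_point) for each section of a PE image."""
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)            # offset of the PE signature
    if pe[:2] != b"MZ" or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, = struct.unpack_from("<H", pe, e_lfanew + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, e_lfanew + 20)   # SizeOfOptionalHeader
    entry, = struct.unpack_from("<I", pe, e_lfanew + 40)      # AddressOfEntryPoint (RVA)
    table, out = e_lfanew + 24 + opt_size, []
    for i in range(nsect):
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        out.append((name.rstrip(b"\0").decode("ascii", "replace"),
                    round(entropy(pe[rptr:rptr + rsize]), 2),
                    va <= entry < va + max(vsize, rsize)))
    return out

def packing_indicators(sections, threshold=7.0):
    """Heuristics only; the 7.0 bits/byte threshold is an assumption of this example."""
    hits = [f"{n}: entropy {e}" for n, e, _ in sections if e >= threshold]
    if sections and not sections[0][2]:
        hits.append("entry point is outside the first section")
    return hits

def build_sample(sections, entry_rva):
    """Build a constructed, minimal PE layout: only the fields analyze() reads are set."""
    dos = bytearray(0x40); dos[:2] = b"MZ"; struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0); struct.pack_into("<I", opt, 16, entry_rva)
    ptr, table, body = 0x40 + 24 + 0xE0 + 40 * len(sections), b"", b""
    for i, (name, data) in enumerate(sections):
        table += struct.pack("<8sIIII16x", name, len(data), 0x1000 * (i + 1), len(data), ptr + len(body))
        body += data
    return bytes(dos) + coff + bytes(opt) + table + body

# Constructed inputs: section names and contents are made up for this example.
CODE = b"\x55\x8b\xec\x83\xec\x10" * 300      # repetitive, code-like bytes
BLOB = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))  # stands in for packed data
PLAIN = build_sample([(b".text", CODE), (b".data", bytes(range(16)) * 32)], 0x1000)
PACKED = build_sample([(b".packed", BLOB), (b".stub", CODE[:120])], 0x2000)

if __name__ == "__main__":
    for label, image in (("plain", PLAIN), ("packed", PACKED)):
        print(label, analyze(image), packing_indicators(analyze(image)))
```

Both indicators are hints, not proof: installers and resource-heavy programs also carry high-entropy sections, so a hit here is a reason to look closer rather than a verdict.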