Executable compression
Encyclopedia : E : EX : EXE : Executable compression
Executable compression is any means of compressing an executable file and combining the compressed data with the decompression code it needs into a single executable. Its principal actual purpose is to deter Reverse engineering, to hide malware (from Antivirus scans) by proprietary methods and/or added encryption.
When executed, this will unpack the original executable code and transfer control to it. The effect is the same as if the original uncompressed executable had been run. A compressed executable requires
- less storage space in the file system,
- less time to transfer data from the file system into memory, and
- more time to decompress the data before execution begins than the uncompressed original.
There are tools that will decompress a compressed executable without executing it, such as CUP386 and UNP.
Most packed executables decompress directly into the memory and need no free file system space to start. However, some decompressor stubs are known to write the uncompressed executable in the file system in order to start it.
Executable compression has often been taken to extremes by the demoscene, and some compressors, such as MuCruncher, kkrunchy and 624, have been specifically designed for use in size-restricted demos. An extreme example is [Crinkler], which has been created for 4096 byte intros, and is physically unable to compress much larger executables because of the compression time and memory consumption.
List of packers
For
For
- apack
- LZEXE
- diet
- PKLite
- 32LiTE
- 624 (small .COMs < 25KiB only)
- UPX
For other
- [624] - for ELF binaries on Linux/i386
- gzexe - uses a shell script stub and gzip and works on most Unix-like systems
- [PuCrunch] - for Commodore 64, 16 and VIC 20.
- [Exomizer] - for Commodore 64, 16 and VIC 20, etc...
- [ByteBoozer PC] - for Commodore 64.
- [powerpacker] - for Commodore Amiga
- [Titanics cruncher] - for Commodore Amiga
- [imploder] - for Commodore Amiga
- TNM cruncher - for Commodore Amiga
- UPX - also supports Linux/i386 binaries, as well as some more obscure platforms
List of unpackers and identifiers
- PEiD
- CUP386 (generic unpacker/debugger, freeware)
- UNP (specific/generic unpacker, cardware)
- IUP (generic unpacker, public domain w/ .ASM src)
See also
- apack
- LZEXE
- diet
- PKLite
- 32LiTE
- 624 (small .COMs < 25KiB only)
- UPX
For other
- [624] - for ELF binaries on Linux/i386
- gzexe - uses a shell script stub and gzip and works on most Unix-like systems
- [PuCrunch] - for Commodore 64, 16 and VIC 20.
- [Exomizer] - for Commodore 64, 16 and VIC 20, etc...
- [ByteBoozer PC] - for Commodore 64.
- [powerpacker] - for Commodore Amiga
- [Titanics cruncher] - for Commodore Amiga
- [imploder] - for Commodore Amiga
- TNM cruncher - for Commodore Amiga
- UPX - also supports Linux/i386 binaries, as well as some more obscure platforms
List of unpackers and identifiers
- PEiD
- CUP386 (generic unpacker/debugger, freeware)
- UNP (specific/generic unpacker, cardware)
- IUP (generic unpacker, public domain w/ .ASM src)
See also
From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating.
All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details.