Executable compression
Executable compression takes an executable file, and makes it smaller, without changing its functionality. One way to do that is to compress the file and bundle it with a small decompression routine, which decompresses the file, in memory, every time it is executed.
It is usually possible to identify a particular kind of compressed executable as such, and decompress it to its original form. Another possibility is to let the program decompress itself, then try to capture it in memory. However, some developers have used various tricks to try to make these things difficult.
Contents |
Security information
Executable compression frequently involves techniques, such as self-modifying code, that are also used by viruses and other malware. Compounding the problem, a compressed executable can't be properly scanned by anti-malware software unless it knows how to decompress it.
Don't be surprised if your anti-malware software thinks some compressed executable files look suspicious. Research into this topic should be considered NSFW.
List of formats
- 624
- AINEXE - See AIN#AINEXE
- aPACK
- ASPack
- AVPACK (Andrei Volkov)
- AXE
- COMPACK
- DIET
- ExeLITE (a.k.a. ELITE)
- EXEPACK
- ICE
- JAM
- JAM Packer, The
- LZEXE
- PECompact
- Petite
- PGMPak (Todor Todorov)
- PKLITE
- PKLITE32
- PRO-PACK
- SCRNCH
- SHRINK
- TINYPROG
- UCEXE - See UltraCompressor II#UCEXE
- UPX
- WWPACK
- XPACK
- X-pack for Executable
Software
- SAC FTP collection → PACK (also at [1], [2], [3])
- ANORMAL's DOSEXE collections → Executable Tools Pack → packers/, unpackers/
- [4] - A collection of some compression and decompression utilities for DOS