Doing some experiments with exe compression

Started by dlyaverablyamit, January 25, 2024, 03:09:14 AM


dlyaverablyamit

I found documentation on how the PE header is structured and how a program is loaded and started by the OS. Can you give me some pointers on what I should look at now? Is there some very simple exe packer source I can examine? UPX is way too complex for me at the moment.

Jeremy Collake

Sorry, I don't have any simple packers to point you to, but I think I've seen one or two long, long ago. Good luck!
Software Engineer. Bitsum LLC.

MonroeLowery

One tool that is simpler than UPX is SimpleDPack, which is a very simple Windows exe packaging tool, suitable for learning or studying PE structures. Additionally, you can also consider Simple Executable Packer on SourceForge, a simple Windows exe/dll packaging tool, with source code mainly written in C and very minimalist.

carefulcontest

To deepen your understanding of PE headers and executable packers, start by solidifying your grasp of the PE file format and the program loading process. Look for simpler executable packer source code like MPRESS or TinyPE, which are less complex than UPX. Analyzing and modifying these simpler packers will help you understand how they manipulate PE headers and compress sections. Utilize resources like Microsoft's PE and COFF Specification and tutorials on platforms like CodeProject. Experiment with small projects to test your knowledge and observe the effects of changes. This approach will build your foundation and prepare you for more complex tools.
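
A starting point for the "small projects" suggested above, as an added example that is not from any poster in this thread: a parser that walks the DOS header, COFF header and section table described in Microsoft's PE and COFF Specification, then reports header traits that packed images commonly show. The function names and the heuristics are assumptions chosen for illustration, and the sample bytes are constructed headers laid out the way UPX names and sizes its sections.

```python
import struct

SECTION = struct.Struct("<8sIIIIIIHHI")          # IMAGE_SECTION_HEADER, 40 bytes
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # section Characteristics bits

def parse_pe(data):
    """Return (entry point RVA, list of section dicts) from raw PE bytes."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)   # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                  # IMAGE_FILE_HEADER
    (count,) = struct.unpack_from("<H", data, coff + 2)  # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    opt = coff + 20                                      # optional header
    (entry,) = struct.unpack_from("<I", data, opt + 16)  # AddressOfEntryPoint
    table = opt + opt_size                               # section table
    sections = []
    for i in range(count):
        f = SECTION.unpack_from(data, table + i * SECTION.size)
        sections.append({"name": f[0].rstrip(b"\0").decode("ascii", "replace"),
                         "vsize": f[1], "va": f[2], "raw_size": f[3], "flags": f[9]})
    return entry, sections

def packer_hints(entry, sections):
    """Header-only heuristics (assumed for illustration) that suggest packing."""
    hints = []
    for idx, s in enumerate(sections):
        if s["flags"] & MEM_EXECUTE and s["raw_size"] == 0 and s["vsize"] > 0:
            hints.append(s["name"] + ": executable but empty on disk")
        if s["flags"] & MEM_EXECUTE and s["flags"] & MEM_WRITE:
            hints.append(s["name"] + ": writable and executable")
        if idx > 0 and s["va"] <= entry < s["va"] + s["vsize"]:
            hints.append(s["name"] + ": entry point outside first section")
    return hints

def build_sample():
    """Constructed headers only (no code or data), UPX-style two sections."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, 0x5000).ljust(0xE0, b"\0")
    s0 = SECTION.pack(b"UPX0", 0x4000, 0x1000, 0, 0x400, 0, 0, 0, 0, 0xE0000080)
    s1 = SECTION.pack(b"UPX1", 0x2000, 0x5000, 0x1800, 0x400, 0, 0, 0, 0, 0xE0000040)
    return dos + b"PE\0\0" + coff + opt + s0 + s1

if __name__ == "__main__":
    entry, sections = parse_pe(build_sample())
    print(hex(entry), sections, packer_hints(entry, sections), sep="\n")
```

To try it on a real file, pass `open(path, "rb").read()` to `parse_pe` and compare the section table before and after running a packer over the same executable.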