That is what PECompact should do, or at least offer it. Like the way it is done by *peep*
PECompact is a compressor, not a protection system, like Armadillo and others mentioned in that article.
If you were to compare compressed sizes you would see the difference.
It sounds like the feature should be in AutoIt really, but should PECompact encrypt overlay?
Well, the process of reading any overlay data from any executable is basically the same. The overlay data is not in memory when the executable is executed, so it must always be read from the disk.
Therefore, as the article suggests, hooking CreateFileW API will at some point lead you to the executable reading itself from disk, SetFilePointer will show where in the file the overlay data starts, ReadFile will show the length and destination buffer for the data.
In order to encrypt the overlay data with PECompact, one would have to hook at least CreateFileA + CreateFileW + SetFilePointer + SetFilePointerEx + ReadFile + ReadFileEx APIs, so that all calls to these functions from the compressed executable would be handled by the decryption routine, which would then decrypt and return the original overlay data.
It's really not that hard to do, but I don't think there is any way to do this (as no access to overlay) from a hook plugin currently, and as you can see, it's not hard for a determined person to steal the data.
And by the way, how and where should I store data by using AutoIt? The script is always attached as overlay.
Then you have no choice but to use overlay, or use some other program. Having never used AutoIt or anything like that, I cannot give any more specific answer than that.
If you were doing it from your own program I could give you more help.
Have fun!
BoB
