Hi everyone,

I'm doing research on anti-virus (AV) software and I want to test each vendor's ability to handle the most popular packers/crypters/etc. As many of you know, the more packers an AV package supports, the higher the likelihood that they'll detect new variants that have just simply been repacked. Many vendors use the packed file (versus the contents of the packed file) for their signatures - this is wrong and inefficient! Help me outline the "vulnerable" AV packages.

Here is a good link with a bunch of packers listed if you need your memory jogged -

http://protools.reverse-engineering.net/packers.htm

Please list your top 10...

Thank you very much in advance!!!

1. Manual Packing (ie ME!!!!)
2. Aspack
3. Morphine(assuming you're including encrypters or whatever morphine comes under)
4. UPX

Ive heard armadillo is good but i dont ahve a full version of it to test it out so cant help there. Other packers/enncrypters which I might consider using are pervert & pex but I never have done so before

Thanks saetji, I edited my post - yes, I am referring to packers, crypters, and any other file "protector" to hide from AV.

1. UPX
2. Morphine
3. ASPack

Thats all I have ever used. Only chose to use those compressors because of the amount of coverage and respect these products get so I thought I should give them a try. UPX and ASPack are commonly used in the field, Symantec has mentioned loads of viruses where these packers have been used.

If you haven't thought about this already I would recommend writing a script which would go through each packer and each packer will pack the original file. Simple BAT file will do the job.



Should save you alot of time.

Good look with your research.

FSG
ASPACK
MORPHINE + EXESTEALPH

1. ASPACK
2. PECOMPACT
3. YodaCrypt
4. Morphine
5. UPX
6. FSG

Mix them together and hide the headers and you can get alot of files undectable from AV's

i use molebox often for these things

sk3tch, for who are u doing research for?

SOME UNKNOWN CRAP
UPX
MORPHINE
FSG

1.) MEW
2.) MEW
3.) MEW
4.) FSG
5.) UPX
These are my choices! !

1. Mew
2. UPX
3. FSG
4. Morphine (not really a packer)

ASProtect is my favourite, then comes ASPack, then Petite, and Shrinker, then UPX...

1. Mew
2. FSG
3. UPX


My Top Packers List

Uhh, Packing is gay. I just code my own stuff, then it's never in vscans.

Pointless response, nolimit. It has nothing to do with the topic.

Nspack (From China)

Aspack (More universal)

Upx (More universal)

Morphine (Better for encrypt)

morphine and upx normally do the trick

1.UPX
2.MEW
3.Morphine

Upack
Mew 1.2
Morphine
upx + upolyx

1.UPX
2.Aspack
3.FSG(asm only)
then I apply a recompiled morphine

upack
fsg
packman
morph