Executable compression

From Just Solve the File Format Problem
Jump to: navigation, search
File Format
Name Executable compression
Ontology

Executable compression takes an executable file, and makes it smaller, without changing its functionality. One way to do that is to compress the file and bundle it with a small decompression routine, which decompresses the file, in memory, every time it is executed.

It is usually possible to identify a particular kind of compressed executable as such, and decompress it to its original form. Another possibility is to let the program decompress itself, then try to capture it in memory. However, some developers have used various tricks to try to make these things difficult.

Contents

Security information

Executable compression frequently involves techniques, such as self-modifying code, that are also used by viruses and other malware. Compounding the problem, a compressed executable can't be properly scanned by anti-malware software unless it knows how to decompress it.

Don't be surprised if your anti-malware software thinks some compressed executable files, and related tools, look suspicious. Research into this topic should be considered NSFW.

List of formats

Software

Decompression software

Some multi-format executable decompression utilities are listed here. They generally only run on the same platform as the files they decompress.

  • UNP - v4.11 · 4.12β · website - For DOS, source code available
  • Tron - For DOS
  • iCEuNP by JauMing Tseng & Christoph Gabler - For DOS, source code included
  • UNEXE by Frolov Andrey Leonidovich - For DOS

See also

Links

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox