Executable compression

From Just Solve the File Format Problem
Jump to: navigation, search
File Format
Name Executable compression
Ontology

Executable compression takes an executable file, and makes it smaller, without changing its functionality. One way to do that is to compress the file and bundle it with a small decompression routine, which decompresses the file, in memory, every time it is executed.

It is usually possible to identify a particular kind of compressed executable as such, and decompress it to its original form. Another possibility is to let the program decompress itself, then try to capture it in memory. However, some developers have used various tricks to try to make these things difficult.

Contents

Security information

Executable compression frequently involves techniques, such as self-modifying code, that are also used by viruses and other malware. Compounding the problem, a compressed executable can't be properly scanned by anti-malware software unless it knows how to decompress it.

Don't be surprised if your anti-malware software thinks some compressed executable files look suspicious. Research into this topic should be considered NSFW.

List of formats

Software

See also

Links

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox