Malware can wreak havoc on just about any system, and packers help malware stay one step ahead of security software. But what exactly do packers do? How can they be detected? And finally, what are some of the most popular packers used in malware today?
We will answer these questions and more in this article. But first, let’s take a closer look at packers and how they function.
What is a malware packer?
For many years, packers were used for completely innocent reasons. Often known as a “runtime packer,” this software compresses files and then unpacks itself when a program or file is ready to be executed.
As technology advanced, this kind of file size compression became less of a necessity. Nonetheless, packers are still used today, primarily for malware files.
In essence, a malware packer is a tool used to mask a malicious file. Packers can encrypt, compress or simply change the format of a malware file to make it look like something else entirely. The process of packer compression or encryption takes the file from its original code to a new state using tried-and-true obfuscation techniques.
As a result, malware can remain in a system undetected by antivirus software, anti-malware products and other security software, harming the integrity of your system and the security of your data. This is why it is so important to understand how packers can be used in malware.
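The effect described above, shown on harmless constructed data (this example is added here and is not from the original article): a body carrying a known marker is compressed, a naive byte-signature scan no longer matches it, and the unpacking step restores the bytes unchanged. The marker, the use of zlib as a stand-in for a packer, and the 7.0 bits-per-byte entropy heuristic are assumptions of the example.

```python
import math
import zlib
from collections import Counter

# Constructed, harmless stand-in for a file body; SIGNATURE is a made-up
# marker playing the role of a byte pattern a static scanner knows.
SIGNATURE = b"EXAMPLE-SIGNATURE-1234"
ORIGINAL = SIGNATURE + b"".join(
    b"mov eax, %d; call helper_%d; ret\n" % (n, n % 7)
    for n in ((i * 7919) % 100003 for i in range(2000))
)


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte, from 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def pack(data: bytes) -> bytes:
    """Stand-in for the packer: zlib compression (assumption of this example)."""
    return zlib.compress(data, 9)


def unpack(packed: bytes) -> bytes:
    """Stand-in for the unpacking step that runs just before execution."""
    return zlib.decompress(packed)


def signature_hit(data: bytes) -> bool:
    """Naive static scan for the known byte pattern."""
    return SIGNATURE in data


def looks_packed(data: bytes, threshold: float = 7.0) -> bool:
    """Heuristic (assumed threshold): near-random bytes suggest packing."""
    return shannon_entropy(data) > threshold


PACKED = pack(ORIGINAL)

if __name__ == "__main__":
    for name, blob in (("original", ORIGINAL), ("packed", PACKED)):
        print(f"{name:8} size={len(blob):6} entropy={shannon_entropy(blob):.2f} "
              f"signature_hit={signature_hit(blob)} looks_packed={looks_packed(blob)}")
    print("unpacked matches original:", unpack(PACKED) == ORIGINAL)
```

The static signature only matches the unpacked form, which is why scanners pair signatures with indicators such as unusually high entropy, and why legitimate compressed files also trip that heuristic.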
However, each packer functions a little differently. You will need to know a little about some of the most popular packers used in malware in order to detect them in your own system.
Top 13 popular packers used in malware
It is important to reiterate that packers are not inherently malicious; they are simply a tool used to make certain (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Matthew Jones. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/vIODwjVr_E4/