Monday, June 16, 2008

Is Bitsum PECompact 2.8x, up to the latest version, a virus?

Executable compressors work by compressing selected portions of executables. At runtime, compressed executables are decompressed and reconstructed directly into their virtual image (memory) so that no data is ever written to the disk. The executable can therefore be run exactly as it was before without the user even knowing it was compressed.

PECompact2 is a next-generation Win32 executable/module compressor. Commonly termed 'executable packers', such utilities compress executables and modules (e.g. *.EXE, *.DLL, *.OCX, *.SCR). At runtime the compressed modules are rapidly decompressed in memory.

PECompact performs better than other industry competitors in both compression ratio and decompression speed, but most importantly it is commercial-ready software that is constantly updated and maintained. The decompression algorithms used by PECompact are optimized for maximum decompression speed. As a result, the load time of compressed modules is often improved, since fewer bytes must be read from the storage medium. Additionally, the compression ratio of PECompact is better than that of any general-purpose compression software like ZIP, RAR, or 7-ZIP. This is because PECompact is optimized for a specific type of file format: executables. The compression ratio typically ranges from 70% to 80%, but varies depending on the specific module.

Changes since v2.82 final

Change.Core: Added support for ASLR (randomized image basing) executables in PECompact, PEC2GUI, and PETrim. Specifically, fixups/relocations are no longer stripped by default on ASLR enabled EXEs. In previous versions, the user had to set /StripFixups:No for these EXEs to work in Vista and above.
Change.Installer: Updated to NSIS 2.37.
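
The Change.Core entry above concerns ASLR-enabled EXEs whose fixups/relocations were stripped. The following Python check is an added example, not part of PECompact or of the original post: it reads a PE header and reports whether an image marked ASLR-capable still carries relocation data. The function names and the sample headers are constructed for illustration.

```python
import struct

RELOCS_STRIPPED = 0x0001   # IMAGE_FILE_RELOCS_STRIPPED (COFF Characteristics)
DYNAMIC_BASE = 0x0040      # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
RELOC_DIR = 5              # IMAGE_DIRECTORY_ENTRY_BASERELOC

def aslr_status(data: bytes) -> str:
    """Classify a PE image: 'no-aslr', 'aslr-ok' or 'aslr-without-relocs'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_chars = struct.unpack_from("<H", data, pe + 22)[0]
    opt = pe + 24                                          # optional header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):                        # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    dirs = opt + (96 if magic == 0x10B else 112)           # data directories
    count = struct.unpack_from("<I", data, dirs - 4)[0]    # NumberOfRvaAndSizes
    rva = size = 0
    if count > RELOC_DIR:
        rva, size = struct.unpack_from("<II", data, dirs + 8 * RELOC_DIR)
    if not dll_chars & DYNAMIC_BASE:
        return "no-aslr"
    if coff_chars & RELOCS_STRIPPED or rva == 0 or size == 0:
        return "aslr-without-relocs"
    return "aslr-ok"

def sample_pe32(dll_chars: int, coff_chars: int, reloc: tuple) -> bytes:
    """Constructed PE32 headers only (not a loadable program) for the demo."""
    img = bytearray(0x200)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)                # e_lfanew
    img[0x80:0x84] = b"PE\0\0"
    # SizeOfOptionalHeader, then COFF Characteristics
    struct.pack_into("<HH", img, 0x80 + 20, 224, coff_chars)
    opt = 0x80 + 24
    struct.pack_into("<H", img, opt, 0x10B)                # PE32 magic
    struct.pack_into("<H", img, opt + 70, dll_chars)
    struct.pack_into("<I", img, opt + 92, 16)              # NumberOfRvaAndSizes
    struct.pack_into("<II", img, opt + 96 + 8 * RELOC_DIR, *reloc)
    return bytes(img)

if __name__ == "__main__":
    for name, args in [("relocs kept", (DYNAMIC_BASE, 0x0102, (0x5000, 0x200))),
                       ("relocs stripped", (DYNAMIC_BASE, 0x0103, (0, 0)))]:
        print(name, "->", aslr_status(sample_pe32(*args)))
```

Running `aslr_status` on a file before and after packing shows whether the packer's fixup setting preserved the relocation data.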

June 9, 2008:
PECompact v2.86

Scan results for some individual files:

File: PEChksum.exe
Result: 5/33 (15.16%)

File: pec2codec_jcalg1.dll
Result: 5/33 (15.16%)

File: pec2gui.exe
Result: 3/33 (9.1%)

File: updatechecker_chinesegb.dll
Result: 4/33 (12.13%)

File: PEWaterMark.exe
Result: 3/33 (9.1%)

File: PESubsys.exe
Result: 2/32 (6.25%)

File: PEInsert.exe
Result: 5/32 (15.63%)

File: PEHideText.exe
Result: 6/33 (18.19%)

File: peclassify.exe
Result: 6/33 (18.19%)

File: pec2ldr_reduced.dll
Result: 1/33 (3.04%)

File: pec2ldr_default.dll
Result: 1/33 (3.04%)

File: pec2ldr_antidebug.dll
Result: 1/32 (3.13%)

File: pec2codec_lzma.dll
Result: 4/33 (12.13%)

File: PEC2.exe
Result: 4/33 (12.13%)

File: lzma.exe
Result: 5/33 (15.16%)

