Pages

Monday, June 16, 2008

Bitsum PeCompact 2.8x up to the latest Version a Virus?



Executable compressors work by compressing selected portions of executables. At runtime, compressed executables are decompressed and reconstructed directly into their virtual image (memory) so that no data is ever written to the disk. The executable can therefore be run exactly as it was before without the user even knowing it was compressed.

PECompact2 is a next generation win32 executable/module compressor. Commonly termed an 'executable packer', such utilities compress executables and modules (i.e. *.EXE, *.DLL, *.OCX, *.SCR). At runtime the compressed modules are rapidly decompressed in memory.

PECompact performs better than other industry competitors in both compression ratio and decompression speed, but most importantly it is commercial ready software that is constantly updated and maintained. The decompression algorithms used by PECompact are optimized for maximum decompression speed. This results in the load time of compressed modules often being improved since fewer bytes must be read from the storage medium. Additionally, the compression ratio of PECompact is better than any general purpose compression software like ZIP, RAR, or 7-ZIP. This is because PECompact is optimized for a specific type of file format: executables. The compression ratio typically ranges from 70% to 80%, but varies depending on the specific module.

Changes since v2.82 final

Change.Core: Added support for ASLR (randomized image basing) executables in PECompact, PEC2GUI, and PETrim. Specifically, fixups/relocations are no longer stripped by default on ASLR enabled EXEs. In previous versions, the user had to set /StripFixups:No for these EXEs to work in Vista and above.
Change.Installer: Updated to NSIS 2.37.


Download (trial): http://www.bitsum.com/showtrialdownloadlink.asp?ProductID=68232&Beta=False
Download (student/freeware): http://www.bitsum.com/files/pec2student.zip
Download (retail): http://www.bitsum.com/userservices

Direct to trial: http://www.bitsum.com/files/pec2setup.zip
Direct to student/freeware: http://www.bitsum.com/files/pec2student.zip


June 9, 2008:
PECompact v2.86
Homepage: http://bitsum.com/

Some single files scan results:

File PEChksum.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/01753cb5b0a9bc2793cbad3f432f5ab2

File pec2codec_jcalg1.dll:
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/c09e58c4578944707fdb7b85b149090f

File pec2gui.exe
Result: 3/33 (9.1%): http://www.virustotal.com/analisis/231e94ce915162af9f650a1f539766ec

File updatechecker_chinesegb.dll:
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/685d37791c415d80ceb1a7ade2941bff

File PEWaterMark.exe
Result: 3/33 (9.1%): http://www.virustotal.com/analisis/82432bcea193685257a959bed7100df0

File PESubsys.exe
Result: 2/32 (6.25%): http://www.virustotal.com/analisis/253077a8c6f43b0927dff0a39644c0d5

File PEInsert.exe
Result: 5/32 (15.63%): http://www.virustotal.com/analisis/7160483c9b7bf9b1f168b4e8e2cbffff

File PEHideText.exe
Result: 6/33 (18.19%): http://www.virustotal.com/analisis/ffe449cfaf911e4bfa5f198addbe4d21

File peclassify.exe
Result: 6/33 (18.19%): http://www.virustotal.com/analisis/552e0f1f959de5c6948f483596d4e155

File PEChksum.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/a2660c5921489c9a3bfb98c19c3a18e5

File pec2ldr_reduced.dll
Result: 1/33 (3.04%): http://www.virustotal.com/analisis/8e4c8a2dd407b724baa0946878867c8c

File pec2ldr_default.dll
Result: 1/33 (3.04%): http://www.virustotal.com/analisis/bcf2de6fc092f3de4a3f192d42c7ac74

File pec2ldr_antidebug.dll
Result: 1/32 (3.13%): http://www.virustotal.com/analisis/f9f14939e7cafe415e7e06965d949cee

File pec2codec_lzma.dll
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/93e37a02b695afebb23f5ce2aa397ade

File PEC2.exe
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/a6f1f7b1a28dda4f9d65da354a2f2c62

File lzma.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/d162aafe733e6d9c4b32946aa63c09d9

No comments:

Post a Comment