Monday, June 16, 2008
Bitsum PeCompact 2.8x up to the latest Version a Virus?
Executable compressors work by compressing selected portions of executables. At runtime, compressed executables are decompressed and reconstructed directly into their virtual image (memory) so that no data is ever written to the disk. The executable can therefore be run exactly as it was before without the user even knowing it was compressed.
PECompact2 is a next generation win32 executable/module compressor. Commonly termed an 'executable packer', such utilities compress executables and modules (i.e. *.EXE, *.DLL, *.OCX, *.SCR). At runtime the compressed modules are rapidly decompressed in memory.
PECompact performs better than other industry competitors in both compression ratio and decompression speed, but most importantly it is commercial ready software that is constantly updated and maintained. The decompression algorithms used by PECompact are optimized for maximum decompression speed. This results in the load time of compressed modules often being improved since fewer bytes must be read from the storage medium. Additionally, the compression ratio of PECompact is better than any general purpose compression software like ZIP, RAR, or 7-ZIP. This is because PECompact is optimized for a specific type of file format: executables. The compression ratio typically ranges from 70% to 80%, but varies depending on the specific module.
Changes since v2.82 final
Change.Core: Added support for ASLR (randomized image basing) executables in PECompact, PEC2GUI, and PETrim. Specifically, fixups/relocations are no longer stripped by default on ASLR enabled EXEs. In previous versions, the user had to set /StripFixups:No for these EXEs to work in Vista and above.
Change.Installer: Updated to NSIS 2.37.
Download (trial): http://www.bitsum.com/showtrialdownloadlink.asp?ProductID=68232&Beta=False
Download (student/freeware): http://www.bitsum.com/files/pec2student.zip
Download (retail): http://www.bitsum.com/userservices
Direct to trial: http://www.bitsum.com/files/pec2setup.zip
Direct to student/freeware: http://www.bitsum.com/files/pec2student.zip
June 9, 2008:
PECompact v2.86
Homepage: http://bitsum.com/
Some single files scan results:
File PEChksum.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/01753cb5b0a9bc2793cbad3f432f5ab2
File pec2codec_jcalg1.dll:
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/c09e58c4578944707fdb7b85b149090f
File pec2gui.exe
Result: 3/33 (9.1%): http://www.virustotal.com/analisis/231e94ce915162af9f650a1f539766ec
File updatechecker_chinesegb.dll:
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/685d37791c415d80ceb1a7ade2941bff
File PEWaterMark.exe
Result: 3/33 (9.1%): http://www.virustotal.com/analisis/82432bcea193685257a959bed7100df0
File PESubsys.exe
Result: 2/32 (6.25%): http://www.virustotal.com/analisis/253077a8c6f43b0927dff0a39644c0d5
File PEInsert.exe
Result: 5/32 (15.63%): http://www.virustotal.com/analisis/7160483c9b7bf9b1f168b4e8e2cbffff
File PEHideText.exe
Result: 6/33 (18.19%): http://www.virustotal.com/analisis/ffe449cfaf911e4bfa5f198addbe4d21
File peclassify.exe
Result: 6/33 (18.19%): http://www.virustotal.com/analisis/552e0f1f959de5c6948f483596d4e155
File PEChksum.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/a2660c5921489c9a3bfb98c19c3a18e5
File pec2ldr_reduced.dll
Result: 1/33 (3.04%): http://www.virustotal.com/analisis/8e4c8a2dd407b724baa0946878867c8c
File pec2ldr_default.dll
Result: 1/33 (3.04%): http://www.virustotal.com/analisis/bcf2de6fc092f3de4a3f192d42c7ac74
File pec2ldr_antidebug.dll
Result: 1/32 (3.13%): http://www.virustotal.com/analisis/f9f14939e7cafe415e7e06965d949cee
File pec2codec_lzma.dll
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/93e37a02b695afebb23f5ce2aa397ade
File PEC2.exe
Result: 4/33 (12.13%): http://www.virustotal.com/analisis/a6f1f7b1a28dda4f9d65da354a2f2c62
File lzma.exe
Result: 5/33 (15.16%): http://www.virustotal.com/analisis/d162aafe733e6d9c4b32946aa63c09d9
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment