Merge pull request #268 from dhondta/main

Improved runtime-packers
pull/269/head
Alexandre Dulaunoy 2023-09-30 10:04:13 +02:00 committed by GitHub
commit 903ada058d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 153 additions and 18 deletions

View File

@ -1,10 +1,10 @@
{
"namespace": "runtime-packer",
"description": "Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.",
"version": 1,
"version": 2,
"predicates": [
{
"value": "portable-executable",
"value": "pe",
"expanded": "Portable Executable (PE)"
},
{
@ -16,7 +16,7 @@
"expanded": "Executable Linkable Format (ELF)"
},
{
"value": "mach-o",
"value": "macho",
"expanded": "Mach-object (Mach-O)"
},
{
@ -26,12 +26,91 @@
],
"values": [
{
"predicate": "portable-executable",
"predicate": "dex",
"entry": [
{
"value": "apk-protect",
"expanded": "APK Protect"
},
{
"value": "dexguard",
"expanded": "DexGuard"
},
{
"value": "dexprotector",
"expanded": "DexProtector"
}
]
},
{
"predicate": "elf",
"entry": [
{
"value": "bzexe",
"expanded": "BzExe"
},
{
"value": "ezuri",
"expanded": "Ezuri"
},
{
"value": "gzexe",
"expanded": "GzExe"
},
{
"value": "midgetpack",
"expanded": "MidgetPack"
},
{
"value": "pakkero",
"expanded": "Pakkero"
},
{
"value": "papaw",
"expanded": "Papaw"
},
{
"value": "shiva",
"expanded": "Shiva"
},
{
"value": "upx",
"expanded": "UPX"
}
]
},
{
"predicate": "macho",
"entry": [
{
"value": "eleckey",
"expanded": "ElecKey"
},
{
"value": "muncho",
"expanded": "Muncho"
},
{
"value": "mpress",
"expanded": "MPRESS"
},
{
"value": "upx",
"expanded": "UPX"
}
]
},
{
"predicate": "pe",
"entry": [
{
"value": ".netshrink",
"expanded": ".netshrink"
},
{
"value": "acprotect",
"expanded": "ACProtect"
},
{
"value": "alienyze",
"expanded": "Alienyze"
@ -40,10 +119,6 @@
"value": "apack",
"expanded": "aPack"
},
{
"value": "apk-protect",
"expanded": "APK Protect"
},
{
"value": "armadillo",
"expanded": "Armadillo"
@ -53,13 +128,17 @@
"expanded": "ASPack"
},
{
"value": "aspr-asprotect",
"expanded": "ASPR (ASProtect)"
"value": "asprotect",
"expanded": "ASProtect"
},
{
"value": "autoit",
"expanded": "AutoIT"
},
{
"value": "axprotector",
"expanded": "AxProtector"
},
{
"value": "bero",
"expanded": "BeRo EXE Packer"
@ -77,21 +156,29 @@
"expanded": "Code Virtualizer"
},
{
"value": "dexguard",
"expanded": "DexGuard"
},
{
"value": "dexprotector",
"expanded": "DexProtector"
"value": "confuserex",
"expanded": "ConfuserEx"
},
{
"value": "dotbundle",
"expanded": "dotBundle"
},
{
"value": "dragon-armor",
"expanded": "Dragon Armor"
},
{
"value": "eleckey",
"expanded": "ElecKey"
},
{
"value": "enigma-protector",
"expanded": "Enigma Protector"
},
{
"value": "enigma-virtual-box",
"expanded": "Enigma Virtual Box"
},
{
"value": "exe-bundle",
"expanded": "EXE Bundle"
@ -100,6 +187,10 @@
"value": "exe-stealth",
"expanded": "EXE Stealth"
},
{
"value": "exe32pack",
"expanded": "EXE32Pack"
},
{
"value": "expressor",
"expanded": "eXPressor"
@ -109,8 +200,12 @@
"expanded": "FSG"
},
{
"value": "gzexe",
"expanded": "GzExe"
"value": "hxor-packer",
"expanded": "hXOR Packer"
},
{
"value": "jdpack",
"expanded": "JDPack"
},
{
"value": "kkrunchy",
@ -124,10 +219,26 @@
"value": "mew",
"expanded": "MEW"
},
{
"value": "molebox",
"expanded": "MoleBox"
},
{
"value": "morphine",
"expanded": "Morphine"
},
{
"value": "mpress",
"expanded": "MPRESS"
},
{
"value": "neolite",
"expanded": "Neolite"
},
{
"value": "netcrypt",
"expanded": "NetCrypt"
},
{
"value": "nspack",
"expanded": "NSPack"
@ -136,6 +247,10 @@
"value": "obsidium",
"expanded": "Obsidium"
},
{
"value": "packman",
"expanded": "Packman"
},
{
"value": "pecompact",
"expanded": "PECompact"
@ -144,6 +259,10 @@
"value": "pelock",
"expanded": "PELock"
},
{
"value": "pepacker",
"expanded": "PE Packer"
},
{
"value": "peshield",
"expanded": "PEShield"
@ -156,6 +275,10 @@
"value": "petite",
"expanded": "PEtite"
},
{
"value": "procrypt",
"expanded": "ProCrypt"
},
{
"value": "rlpack-basic",
"expanded": "RLPack Basic"
@ -164,10 +287,22 @@
"value": "smart-packer-pro",
"expanded": "Smart Packer Pro"
},
{
"value": "squishy",
"expanded": "Squishy"
},
{
"value": "telock",
"expanded": "Telock"
},
{
"value": "themida",
"expanded": "Themida"
},
{
"value": "thinstall",
"expanded": "Thinstall"
},
{
"value": "upack",
"expanded": "UPack"