GitHub
commit
cd9261ef99
|
|
@ -1,15 +1,23 @@
|
||||||
{
|
{
|
||||||
"namespace": "runtime-packer",
|
"namespace": "runtime-packer",
|
||||||
"description": "Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.",
|
"description": "Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries.",
|
||||||
"version": 1,
|
"version": 1,
|
||||||
"predicates": [
|
"predicates": [
|
||||||
{
|
{
|
||||||
"value": "portable-executable",
|
"value": "portable-executable",
|
||||||
"expanded": "Portable Executable (PE)"
|
"expanded": "Portable Executable (PE)"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "dex",
|
||||||
|
"expanded": "Dalvik Executable (DEX)"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "elf",
|
"value": "elf",
|
||||||
"expanded": "ELF"
|
"expanded": "Executable Linkable Format (ELF)"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "mach-o",
|
||||||
|
"expanded": "Mach-object (Mach-O)"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "cli-assembly",
|
"value": "cli-assembly",
|
||||||
|
|
@ -24,6 +32,18 @@
|
||||||
"value": ".netshrink",
|
"value": ".netshrink",
|
||||||
"expanded": ".netshrink"
|
"expanded": ".netshrink"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "alienyze",
|
||||||
|
"expanded": "Alienyze"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "apack",
|
||||||
|
"expanded": "aPack"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "apk-protect",
|
||||||
|
"expanded": "APK Protect"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "armadillo",
|
"value": "armadillo",
|
||||||
"expanded": "Armadillo"
|
"expanded": "Armadillo"
|
||||||
|
|
@ -36,6 +56,14 @@
|
||||||
"value": "aspr-asprotect",
|
"value": "aspr-asprotect",
|
||||||
"expanded": "ASPR (ASProtect)"
|
"expanded": "ASPR (ASProtect)"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "autoit",
|
||||||
|
"expanded": "AutoIT"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "bero",
|
||||||
|
"expanded": "BeRo EXE Packer"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "boxedapp-packer",
|
"value": "boxedapp-packer",
|
||||||
"expanded": "BoxedApp Packer"
|
"expanded": "BoxedApp Packer"
|
||||||
|
|
@ -44,6 +72,18 @@
|
||||||
"value": "cexe",
|
"value": "cexe",
|
||||||
"expanded": "CExe"
|
"expanded": "CExe"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "code-virtualizer",
|
||||||
|
"expanded": "Code Virtualizer"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "dexguard",
|
||||||
|
"expanded": "DexGuard"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "dexprotector",
|
||||||
|
"expanded": "DexProtector"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "dotbundle",
|
"value": "dotbundle",
|
||||||
"expanded": "dotBundle"
|
"expanded": "dotBundle"
|
||||||
|
|
@ -69,8 +109,16 @@
|
||||||
"expanded": "FSG"
|
"expanded": "FSG"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "kkrunchy-src",
|
"value": "gzexe",
|
||||||
"expanded": "kkrunchy src"
|
"expanded": "GzExe"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "kkrunchy",
|
||||||
|
"expanded": "Kkrunchy"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "liapp",
|
||||||
|
"expanded": "LIAPP"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "mew",
|
"value": "mew",
|
||||||
|
|
@ -80,21 +128,33 @@
|
||||||
"value": "mpress",
|
"value": "mpress",
|
||||||
"expanded": "MPRESS"
|
"expanded": "MPRESS"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "nspack",
|
||||||
|
"expanded": "NSPack"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "obsidium",
|
"value": "obsidium",
|
||||||
"expanded": "Obsidium"
|
"expanded": "Obsidium"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "pecompact",
|
||||||
|
"expanded": "PECompact"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "pelock",
|
"value": "pelock",
|
||||||
"expanded": "PELock"
|
"expanded": "PELock"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "peshield",
|
||||||
|
"expanded": "PEShield"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "pespin",
|
"value": "pespin",
|
||||||
"expanded": "PESpin"
|
"expanded": "PESpin"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "petite",
|
"value": "petite",
|
||||||
"expanded": "Petite"
|
"expanded": "PEtite"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "rlpack-basic",
|
"value": "rlpack-basic",
|
||||||
|
|
@ -108,6 +168,10 @@
|
||||||
"value": "themida",
|
"value": "themida",
|
||||||
"expanded": "Themida"
|
"expanded": "Themida"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"value": "upack",
|
||||||
|
"expanded": "UPack"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"value": "upx",
|
"value": "upx",
|
||||||
"expanded": "UPX"
|
"expanded": "UPX"
|
||||||
|
|
@ -119,6 +183,18 @@
|
||||||
{
|
{
|
||||||
"value": "xcomp-xpack",
|
"value": "xcomp-xpack",
|
||||||
"expanded": "XComp/XPack"
|
"expanded": "XComp/XPack"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "yoda-crypter",
|
||||||
|
"expanded": "Yoda's Crypter"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "yoda-protector",
|
||||||
|
"expanded": "Yoda's Protector"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"value": "zprotect",
|
||||||
|
"expanded": "ZProtect"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue