Welcome to Module 6 – Packers. In this module, we'll look at packers in some detail. Packers are self-decrypting executable files and were originally made to reduce code size. You'll learn the key characteristics of packers, such as packer string advertisement. Packers have few strings and imports, high-entropy data, and large virtual sections with a small raw size on disk. We'll also discuss the reasons for using packers, such as hiding strings, changing the hash, and masking binary signatures. Next, we'll explore some legitimate uses of packers, including code compression, intellectual property protection, anti-reverse engineering, anti-cheat, and Digital Rights Management (DRM). Finally, we'll discuss some examples of packers, such as UPX, Armadillo, ASPack, VMProtect, and Themida.
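The characteristics listed above can be checked per section straight from the PE section table. The sketch below is an added example, not part of the course material: the function names, the 7.0 bits/byte entropy threshold, the 4x virtual-to-raw ratio and the header-only sample are assumptions made for illustration, and the name prefixes are the default section names these packers commonly leave behind.

```python
import math
import struct
from collections import Counter

# Default section names of packers named in the module text (an author can rename them).
PACKER_NAMES = ("UPX", ".ASPACK", ".VMP", ".THEMIDA")

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def sections(pe: bytes):
    """Yield (name, virtual_size, raw_size, raw_bytes) from the PE section table."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    count, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    table = nt + 24 + opt_size                            # signature + COFF + optional header
    for i in range(count):
        name, vsize, _va, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        yield name.rstrip(b"\0").decode("latin-1"), vsize, rsize, pe[rptr:rptr + rsize]

def packer_indicators(pe: bytes, ent_limit=7.0, ratio_limit=4):
    """Map section name -> list of packer traits it shows (thresholds are assumptions)."""
    hits = {}
    for name, vsize, rsize, raw in sections(pe):
        reasons = []
        if name.upper().startswith(PACKER_NAMES):
            reasons.append("packer section name")
        if vsize > 0 and vsize >= ratio_limit * rsize:
            reasons.append("virtual size much larger than raw size")
        if entropy(raw) >= ent_limit:
            reasons.append("high entropy")
        if reasons:
            hits[name] = reasons
    return hits

def constructed_sample() -> bytes:
    """Constructed header-only sample (not loadable): UPX0, UPX1 and a plain .rsrc."""
    def sec(name, vsize, rsize, rptr):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, rsize, rptr, 0, 0, 0, 0, 0)
    hdr = b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, 3, 0, 0, 0, 0, 0)  # COFF header, 3 sections
    hdr += sec(b"UPX0", 0x8000, 0, 0) + sec(b"UPX1", 0x400, 512, 512) + sec(b".rsrc", 512, 512, 1024)
    return hdr.ljust(512, b"\0") + bytes(range(256)) * 2 + b"\x90" * 512

if __name__ == "__main__":
    print(packer_indicators(constructed_sample()))
```

A hit is a triage signal rather than a verdict, since the legitimate uses listed above produce the same traits.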
Intro to Malware Analysis and Reverse Engineering
In this course you will learn how to perform dynamic and static analysis on all major file types, how to carve malicious executables from documents, and how to recognize common malware tactics and debug and disassemble malicious binaries.