Master of Science (MS)
Soon Tee Teoh
This thesis addresses the topic of development and advancement of the Packer technology. It aims to prove that with the implementation of advanced code encryption and cryptographic techniques in conjunction with standard packing
methods, testing binaries with anti-virus will become increasingly difficult.
Study on this topic reveals that the idea of encoding data has already been established, but it is still not fully incorporated into a technique to pack an executable file. There are some noticeable defects as un-packer tools have also made a great advancement in the field of dynamic analysis. The addition of new capability to recognize emulation environment and taint analysis has lead to execution-time detections of malware.
The plan is to develop a proof of concept that proves that the dynamic un-packers like Renovo can be defeated. The prototype will try to pack and compress the binary file in such a way that it can easily evade the emulation environment created by anti-viruses.
Bavishi, Neel, "An Executable Packer" (2011). Master's Projects. 185.