Revealing Packed Malware

Ferrie, P. (2008). Anti-Unpacker Tricks. Paper presented at the 2nd International CARO Workshop. from


The past few years have witnessed a significant increase in malware threats to computer users, threats that also pose a serious risk to the Internet's integrity. Malware exploits software vulnerabilities to compromise computers and help attackers steal users' private data. To evade malicious-content detection, malware authors use packers, binary tools that obfuscate executable code. By using executable packers, modern malware can completely bypass personal firewalls and antivirus (AV) scanners. Security researchers therefore face a great challenge in overcoming malware's complexity. Reverse engineering (RE) has become an important approach to analyzing a program's logic flow and internal data structures, such as system call functions. Security researchers and AV products must be able to unpack and inspect the payloads hidden within packed programs using RE tools.