Description: Simple packer, the loader is written in assembly (FASM) and the builder in Delphi.
For the technical part, this packer is good for:
- A non dependent code of its address with the delta offset
- Load API by hash
- Research in Export Address Table
- Import Address Table loading (ordinal & name)
- Use of NtCreateSection/NtMapViewOfSection
- The trick VirtualSize = SizeOfImage so that Windows don t steel our memory position.
To Search:
File list (Check if you may need any files):
FASM Packer
...........\loader.asm
...........\loader.exe
...........\make.bat
...........\Packer
...........\......\Cleaner.bat
...........\......\icon.ico
...........\......\Packer.dpr
...........\......\Packer.exe
...........\......\Packer.res
...........\......\PEFile.pas
...........\......\uMain.dfm
...........\......\uMain.pas
...........\readme.txt
...........\structs.inc
Download