Question 1

How can I use machine learning to detect packed executables?

Accepted Answer

The Awesome Executable Packing list references papers like 'Analysis of machine learning approaches to packing detection' and datasets like EMBER, which provide methods and data for training models using features such as entropy and control flow graphs, detailed in the Scientific Research section.

Question 2

What tools are recommended for unpacking Windows PE files?

Accepted Answer

The project includes tools like PEiD, OllyDbg scripts, and generic unpackers listed in the ':wrench: Tools' section, though users must source and install them independently from external links provided.

Question 3

Is there a good dataset for training packer detection models?

Accepted Answer

Yes, it points to datasets such as EMBER and BODMAS, which are commonly used in research for static analysis of portable executables, with references in the ':bookmark_tabs: Datasets' part of the README.

Question 4

How does entropy analysis help in identifying packed malware?

Accepted Answer

Packed files often have higher entropy due to encryption or compression; the repository cites papers like 'Entropy analysis to classify unknown packing algorithms' that explain techniques for using entropy measures in detection, as found in the Literature section.

Question 5

What's the difference between UPX and VMProtect packers?

Accepted Answer

UPX is a simple open-source compressor, while VMProtect uses virtualization for obfuscation; the packer catalog in the project categorizes such tools by era and technique, aiding in comparative analysis based on their listings in the ':package: Packers' section.

Question 6

How do I start reverse engineering a packed Android APK?

Accepted Answer

Refer to resources like 'DroidPDF' and 'AppSpear' in the list, which cover tools and methods for unpacking and analyzing packed Android applications, though you'll need to access these external papers and tools separately.

Executable Packing

What is Executable Packing?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions