PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of reverse engineering.
Warning
This project is just a demo for beginners to study Windows PE Format and Assembly Language. It still has some compatibility problems and bugs that cannot be used in practice.
How it works:
It will do the following things when packing a PE file:
- Transforming the original import table.
- Encrypting sections.
- Clearing section names.
- Installing the shell-entry.
When running a packed PE file, the shell-entry will decrypt and load the original program as follows:
- Decrypting sections.
- Initializing the original import table.
- Relocation.
Source:
Code:
https://github.com/czs108/PE-Packer
Credits to original author:
Chenzs108