AutoIt program container
An optional part of the build process where AutoCamo lightly compresses
and embeds the standalone interpreter within a small(ish) program
called a loader.
When executed, the loader decompresses the interpreter, then executes it
in the memory space of a child instance of itself with the same
command-line parameters. If it is a Windows program, the loader then
exits; if it is a console program, it waits for the child to exit
before exiting itself with the child's exit code.
* Fairly lightweight obstruction of some common memory- and file-analysis-based AutoIt decompilers.
* Interpreter resource items are compressed along with the interpreter, meaning they are not immediately visible with a resource editor/viewer. Only the main icon, version information and XML manifest are added to the loader from the interpreter (if they exist).
* Some options support compressing the interpreter with tools such as packers before it is added to the loader and, in some cases, using exe protectors or packers on the loader afterwards.
* One loader supports directing the interpreter, via a command-line parameter, to execute a resource-embedded A3X other than its default.
* None of the loaders are compatible with the 64-bit standalone interpreter.
* Loaders have as much potential to be falsely mistaken as malicious as a standalone does, sometimes leading to more severe and numerous false positives.
* Poor overall compression ratio compared to real executable compressors that individually compress and realign the section tables.
* The act of executing the interpreter in the memory space of a child instance of the loader means that, briefly for Windows applications and permanently during runtime for console applications, two processes with your application's name will be present.
* If you embedded icons within the interpreter and are trying to reference them in your program without using resource API functions, they will be inaccessible because they do not exist in the loader itself.
* Loaders are not designed for large applications such as installers with big FileInstalls, regardless of the standalone version you are using.
* Anyone with a speck of a skillset or determination (or a good reason) will still be able to get to your original source code.
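
The self-respawn behaviour described above (a loader starting a child instance of itself with the same command line, then either exiting or waiting for the child) is visible in process telemetry. The following is an added example, not AutoCamo code: it assumes process-creation and termination records with Sysmon-style field names (Event ID 1 and 5), and the sample events, paths and the function name `find_self_respawns` are constructed for illustration.

```python
def _c(t, pid, img, cmd, ppid, pimg, pcmd):   # Sysmon Event ID 1 (process create) fields
    return {"EventID": 1, "UtcTime": t, "ProcessId": pid, "Image": img, "CommandLine": cmd,
            "ParentProcessId": ppid, "ParentImage": pimg, "ParentCommandLine": pcmd}

def _x(t, pid, img):                          # Sysmon Event ID 5 (process terminate) fields
    return {"EventID": 5, "UtcTime": t, "ProcessId": pid, "Image": img}

APP, TOOL, WEB = r"C:\Apps\app.exe", r"C:\Apps\tool.exe", r"C:\Apps\web.exe"
# Constructed sample events, not taken from any real host.
SAMPLE = [
    _c("2024-05-01 10:00:00.100", 4120, APP, APP + " /quiet", 900, r"C:\Windows\explorer.exe", "explorer.exe"),
    _c("2024-05-01 10:00:00.400", 4200, APP, APP + " /quiet", 4120, APP, APP + " /quiet"),
    _x("2024-05-01 10:00:00.450", 4120, APP),
    _c("2024-05-01 10:05:00.000", 5010, TOOL, TOOL + " -v", 5000, TOOL.upper(), TOOL + "  -v"),
    _x("2024-05-01 10:05:09.000", 5010, TOOL),
    _x("2024-05-01 10:05:09.020", 5000, TOOL),
    _c("2024-05-01 10:06:00.000", 6001, WEB, WEB + " --type=renderer", 6000, WEB, WEB),
]

def _norm(s):
    # Windows paths are case-insensitive; collapse whitespace so quoting noise does not hide a match.
    return " ".join(s.split()).casefold()

def _exit_time(events, pid, image, after):
    # PIDs are reused, so also require the same image and an exit at or after the child's creation.
    for ev in events:
        if (ev["EventID"] == 5 and ev["ProcessId"] == pid
                and _norm(ev["Image"]) == _norm(image) and ev["UtcTime"] >= after):
            return ev["UtcTime"]
    return None

def find_self_respawns(events):
    """Return creations where the child repeats its parent's image and command line."""
    hits = []
    for ev in events:
        if (ev["EventID"] != 1 or _norm(ev["Image"]) != _norm(ev["ParentImage"])
                or _norm(ev["CommandLine"]) != _norm(ev["ParentCommandLine"])):
            continue
        t0 = ev["UtcTime"]   # fixed-width timestamps compare correctly as strings
        parent_end = _exit_time(events, ev["ParentProcessId"], ev["Image"], t0)
        child_end = _exit_time(events, ev["ProcessId"], ev["Image"], t0)
        if parent_end is None:
            mode = "unknown"                 # no exit seen for the parent in this window
        elif child_end is None or parent_end < child_end:
            mode = "parent-exits-first"      # matches the Windows-program behaviour
        else:
            mode = "parent-waits"            # matches the console-program behaviour
        hits.append({"pid": ev["ProcessId"], "ppid": ev["ParentProcessId"], "mode": mode})
    return hits
```

A match is a triage signal only: legitimate programs also relaunch themselves, so treat a hit as a reason to inspect the binary rather than as a verdict.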