Jump to content

PE protection

Recommended Posts



Not sure if I understand how a compiled script loads
Like if there is any protections implemented - to some level at the loading time

Or is it that there shouldn't be any special difference if I simply include my functions at the beginning the script for protections and this has nothing to do with what the compiler does or adds or could do in the PE header ..

Functions that will act like: for instance :


One more thing:

Section: Compatibility with antivirus software 

what can possibly be made to make things work as mentioned there

trying to find any good leads on the topic 



I'm guessing these kind of things are done with a PE Wrapper\packer

here is a list for some available packers  https://en.wikipedia.org/wiki/Executable_compression#List_of_packers 

I understand most are not all suited for an autoit compiled script .. and offer very little compared to pelock

The autoit compiler offers the /no/pack option 
what can be a plan to extend its options and have it do other stuff with  added features as in pelock

I'm after being able to run some custom made functions at the Wrapper time
For instance get an HWID string and run it against some other string to check if it correctly decrypts to some protected string

All in all that it can be protected to some level, especially from wannabe hackers 

thriving to solve the false positive alerts as well ..

Edited by Deye

Share this post

Link to post
Share on other sites

To any expert one reading: if you have an interest in any of the points I had tried pointing out to @ OP and can briefly or extendedly explain about a strategy..  Then please pitch in


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now