From Collaborative RCE Tool Library

Jump to: navigation, search

Packer Identifiers


Tool name: AT4RE FastScanner
Rating: 5.0 (1 vote)
Author: AT4RE Team                        
Website: http://www.at4re.com
Current version: 1.0
Last updated: April 9, 2008
Direct D/L link: Locally archived copy
License type: Free
Description: Yet another Win32 PE Packer/Protector Identifier.

[ Features ]

- Detect About 2017 Signatures in PE Files.
- Easy & Amazing & Fast GUI .
- Drag and drop Capabilities.
- Shell integration .
- Signatures Update by user , and notify after 3 month if Signatures file hasn't updated.
- Special Plugins by AT4RE , ' AT4RE PE Editor' , ...
- PEID Plugins Supported , just copy them to plugins directory.
- Full Package Contains most needed plugins.
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: ActiveMARK Version Viewer
Rating: 0.0 (0 votes)
Author: Nacho_Dj                        
Website: http://arteam.accessroot.com/releases.html
Current version: 1.0
Last updated: April 14, 2008
Direct D/L link: Locally archived copy
License type: Free
Description: Tool for getting the ActiveMARK protection version used in a target.

It works an all released versions of the protection.

If the file selected is an executable, it will launch the target with the proper argument that lets you viewing the AM version:
- In AM releases previous to 6, it uses --AmClientVersion
- in 6 releases, it uses the Main Encription Key of the target.

If the file selected is a data file, it extracts the info to get the Packager used in its compresion & encryption.
This is available in executable files if the 'Don't launch executable' option is checked.

NB: Some AV detects this tool as a generic malware. Obviously it is not a malware and as all our release is 100% guaranteed to be free of any malware!
Also listed in: Protection Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: DiE (Detect it Easy)
Rating: 0.0 (0 votes)
Author: Hellsp@wn                        
Website: http://hellspawn.nm.ru
Current version: 0.64
Last updated: May 6, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: Packer identifier that is supposed to be good.
Also listed in: Compiler Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: ExeInfo PE
Rating: 0.0 (0 votes)
Author: A.S.L.                        
Website: http://www.exeinfo.go.pl
Current version: 0.0.1.8 G
Last updated: May 08, 2008
Direct D/L link: http://w14.easy-share.com/1700345643.html
License type: Free
Description: Good detector for packers, compressors + unpack info + internal exe tools.
Also listed in: Compiler Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Jim Clausing's Malware Packer Signatures
Rating: 0.0 (0 votes)
Author: Jim Clausing                        
Website: http://isc.sans.org/diary.html?storyid=3432
Current version:
Last updated:
Direct D/L link: http://handlers.sans.org/jclausing/userdb.txt
License type:
Description: Custom malware packer signatures by Jim Clausing.
Also listed in: Packer Identifier Signatures
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Neil's Collection of Packer Signatures
Rating: 0.0 (0 votes)
Author: Neil The Hippie Killer                        
Website: http://www.peid.info/BobSoft/
Current version:
Last updated: December 5, 2007
Direct D/L link: http://www.peid.info/BobSoft/Downloads/UserDB.zip
License type:
Description: Neil's Collection of Packer Signatures
Also listed in: Packer Identifier Signatures
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: PEiD
Rating: 4.0 (1 vote)
Author: Jibz, Qwerton, snaker, xineohP                        
Website: http://www.peid.info/
Current version: 0.94
Last updated: May 10, 2006
Direct D/L link: http://www.peid.info/files/PEiD-0.94-20060510.zip
License type: Free
Description: PEiD detects most common packers, cryptors and compilers for PE files. It can currently detect more than 600 different signatures in PE files.

PEiD is special in some aspects when compared to other identifiers already out there!

1. It has a superb GUI and the interface is really intuitive and simple.
2. Detection rates are amongst the best given by any other identifier.
3. Special scanning modes for *advanced* detections of modified and unknown files.
4. Shell integration, Command line support, Always on top and Drag'n'Drop capabilities.
5. Multiple file and directory scanning with recursion.
6. Task viewer and controller.
7. Plugin Interface with plugins like Generic OEP Finder and Krypto ANALyzer.
8. Extra scanning techniques used for even better detections.
9. Heuristic Scanning options.
10. New PE details, Imports, Exports and TLS viewers
11. New built in quick disassembler.
12. New built in hex viewer.
13. External signature interface which can be updated by the user.
Also listed in: Compiler Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: packerid.py
Rating: 0.0 (0 votes)
Author: Jim Clausing                        
Website: http://handlers.sans.org/jclausing
Current version:
Last updated:
Direct D/L link: http://handlers.sans.org/jclausing/packerid.py
License type:
Description:
Also listed in: (Not listed in any other category)
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Panda Security Packer Signatures
Rating: 0.0 (0 votes)
Author: Panda Security                        
Website: N/A
Current version:
Last updated:
Direct D/L link: http://research.pandasecurity.com/blogs/images/userdb.txt
License type:
Description: Panda Security Packer Signatures
Also listed in: Packer Identifier Signatures
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: Protection ID
Rating: 5.0 (2 votes)
Author: CDKiLLER and Tippex                        
Website: http://pid.gamecopyworld.com
Current version: 6.0 beta
Last updated: December 24, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: The ultimate Game Protection Scanner

The current version does detect more than
250 exe-packers, PC ISO Protections, Dongles, Licenses and Installers in
such an exact and fake proof way you haven´t seen before in any scanning tool due the detailed checks.
False reports and detection where other tools fail are history.

Features

* Scanning of PC Games & Application files to detect the protection used(s)
* Detects most of the available executable compressor / crypter and it´s up to date in detecting the newest PC-Game protections
* Scanning CDs / DVDs for Tagés (only available on win2k / winxp, but no ASPI drivers required)
* Scan folders with all the included files
* Coded in 100% Win32 Assembly language, allowing it to run on every WinOS since Windows 95
* Easy scanning with the shell context menu 'Scan with Protection ID...' or drag & drop files into the (simple to use) GUI
* Ability to scan a cracked file and to get possible information which protection was originally used
* Check for the newest update and download it
* More strong scanning routines allowing it to detect multiple (!) protections in one file
* No additional files like VB Runtimes, MSVC dlls or ASPI drivers are required, you simply need one exe file !
* Constantly updated to detect the newest protections available for PC Games & Applications (hey which other tool has this feature too ? ;-)

* Detection for most of the available PC Game Protections
- 3P Lock
- CDCops
- CDLock
- Codelok
- JoWood X-Prot
- Laserlok / Laserlok Marathon
- Protect DiSC
- Ring-Protech
- Safedisc
- SecuROM
- Settec Alpha ROM
- SmartE
- SolidShield
- StarForce
- Sysiphus
- Tages
- VOB Protect CD/DVD


* PC Game Trial Protections
- ActiveMARK
- GameHouse Trial Wrapper
- INTENIUM Try & Buy detection
- KochMedia ePolice
- ReflexiveArcade Wrapper
- SVKP Online
- WildTangent Wrapper
- Zylom Wrapper


* Dongles
- DinKey
- Hardlock
- Guardant
- HASP Hardware Lock
- HASP Hardware Lock Envelope
- Key-Lok II
- SENTiNEL
- SENTiNEL SUPER PRO
- SmartKey
- WIBU


* Licenses
- CrypKey Instant
- CrypKey SDK
- eLicense
- FlexLM
- FlexNET
- HASP SL Licensing System
- InterLok
- nTitles Activator
- Protection Plus
- Release Software Corporations SalesAgent
- Safecast
- Sentinel License Manager


* .NET protectors
- {smartassembly}
- .NetZ
- dotFuscator
- DotNet Guard
- dotNet Protector v4 & v5
- dotNet Reactor v2.x / v3.x
- Sixxpack .Net Compressor
- XHEO CodeVeil


* EXE Packers / Protectors (freeware)
- ABC Crypt v1.0
- Alex Protector v1.0 Beta 2
- ANDpakk2
- Anslym Packer
- ARM Protector v0.1, v0.2, v0.3
- ASDPack v2
- Aver Cryptor v1.00, v1.02 Beta
- BamBam v0.0.1
- BeRoEXEPacker v1.00
- Beria v0.0.7
- Berio v1.0
- BitShape PE Crypt v1.5
- BJFNT v1.1, v1.2, v1.3
- CDS SS 1.0 Beta 1
- Celsius Crypter v2.1
- cEXE 1.0a / 1.0b
- CICompress v1.0
- CodeCrypt v0.15, v0.16 - v0.161, v0.163 - v0.164, [unknown version]
- Cryptic v2.0
- CRYPToCRACks PE Protector v0.9.2, v0.9.3
- DalKrypt v1.0
- Daemon Protect v0.6.7
- DEF v1.0
- DePack
- Dot Fix Fake Signer
- DragonArmor v0.0.4.1
- Dual´s EXE Encryptor v1.0, v1.1b
- Encrypt PE v1.2003.5.18, v2.2004.8.10 / 2.2006.1.15, v2.2006.10.1, v2.2007.4.11
- EP (EXE Pack)
- EP Protector v0.3 [AHTeam]
- Excalibur v1.03
- EXE Evil v1.0
- EXE ReFactor v0.2
- fEaRz Crypter v1.0 Beta 1
- fEaRz Packer v0.3
- FishPe Shield v2.0.1
- Forgot v1.0
- Frensh Layor v1.81
- FSG v1.0, v1.2, 1.3 - v1.31, 1.3.3, 1.33, v1.33a, 2.0
- Goat´s PE Mutilator v1.6
- Hide PE (ASProtect 1.2 [New Strain] method, VBOX 4.3 MTE method)
- hmimys PE-Pack v0.1
- JD Pack v1.01, v2.00
- KByS Packer v0.28 Beta
- KaOs PE eXecutable Undetecter
- kkrunchy
- Krypton v0.2, v0.3, v0.4, v0.5
- LameCrypt
- marcrypt v0.1
- MarjinZ ScramblerSE
- Mew 5 EXE Coder 0.1
- Mew 10
- Mew 11 SE v1.1 - v1.2
- mkfPack
- Morphine v1.2 - v1.3, 1.4 - v2.7
- mPack v0.0.2 & v0.0.3
- MSLRH v0.31a, v0.32
- MuCruncher
- MZ0oPE v1.0.6b
- MZ Crypt v1.0
- NFO v1.0
- Noodlecrypt v2
- nPack v1.1.250.2006 Beta, v1.1.300.2006 Beta
- Packanoid v1.0, v1.1
- PackItBitch v1.0
- Packman v0.0.0.1, v1.0
- Pack Master v1.6
- Passlock 2000
- PE 123 v2006.4.4
- PE-Armot (Hying) v0.x
- PEQuake v0.06
- PE Crypt v1.0x
- PE Diminisher v0.1
- PE LockNT v2.01, v2.02, v2.04
- PE Mangle
- PE Nguincrypt v1.0
- PE Nightmare
- PE Ninja
- PE Pack v0.99, v1.0
- PE Shield v0.1d, v0.2, v0.25, [unknown version]
- PE Shrink
- PE Spin v0.0b, v0.3, v0.41, v0.7, v1.0, v1.1, v1.3, [unknown version]
- PE Stub OEP v1.x (Entry Point Faker)
- PE Zip v1.0
- Perplex PE Protector v1.01
- PEX v0.99
- Poisen Ivy Crypter v1
- PolyCrypt PE
- PolyEnE
- Program Protector v1.x - v2.x
- Protect v0.1.3
- Protect EXE v0.4a Beta
- Punisher v1.5 (DEMO)
- QrYPt0r v1.0
- RLPack v1.16, v1.17, v1.18, v1.19, [unknown version]
- Sexe Crypter v1.1
- Shrink Wrap v1.4
- SimplePack v1.11
- Simple PE Crypter
- SLVc0deProtector v0.61, v1.1, v1.11
- Smokes EXE Shield v0.5
- Ste@lth PE v1.x, v2.x
- Stones PE Crypter v1.13
- TELock v0.42, v0.51, v0.60, v0.70, v0.71, v0.80, v0.85f, v0.90, v0.92a, v0.95, v0.96, v0.98b1, v1.00
- The Best Cryptor [by FsK]
- Thunderbolt v0.0.2
- TPP Pack
- unkOwn Crypter v1.0
- UPack v0.10 - v0.12, v0.20, v0.21, v0.22 - v0.23, v0.24 - v0.28, v0.29 - v0.33, v0.34 - v0.35, v0.36 - v0.39
- UPX, UPX Mutator, Visual UPX v0.2, [unknown / modified UPX]
- UPX Mutanter v0.2
- UPX Protector v1.0e
- UPX Scrambler
- UPX$HiT 0.0.1
- USSR v0.31
- VCrypt v0.9b
- Virogen Crypt v0.75
- VPacker v0.02.10
- WinKrypt v1.0
- XCR v0.12, v0.13
- xxPack v0.1
- Yoda´s Crypter v1.1, v1.2, v1.3
- Yoda´s Protector v1.0b, v1.02b, v1.02d, v1.02.05, v1.03.01 BETA, v1.03.02 BETA, v1.03.3
- YZPack v1.1 & v1.2
- Z-Code v1.01


* EXE Packers / Protectors (commercial)
- ACProtect v1.09, v1.10, v1.20, v1.21, v1.22, v1.23, v1.3c, v1.32, v1.35 - v1.40, v2.0
- Air EXE Lock
- Akala EXE Lock
- Armadillo (lots of specific versions and version ranges)
- ASPack v1.00b, v1.01b, v1.02b, v1.03b, v1.05b, v1.06b / v1.061b, v1.07b, v1.08.00, v1.08.01, v1.08.02, v1.08.03, v1.08.04, v2.000, v2.001, v2.1, v2.11, v2.11c / v2.11d, v2.12, v2.12b
- ASProtect v1.0, v1.1, v1.11, v1.2, v1.22 - v1.23, 1.23 RC4 - v1.3.08.24, v1.23 RC4 (Registered), v1.31 Build 2004.04.27, v1.32, v2.0, v2.1 SKE, v2.2, v2.3, 2.1 - v2.3, 2.x [unknown version]
- Bit-Arts Crunch v5.0
- CopyMinder
- Cryptolock
- DBPE v2.33
- Enigma Protector v1.02 Build 3.10, v1.02 Build 4.00, v1.11, v1.12, v1.14, v1.16
- EXE32Pack v1.37, v1.38, v1.42
- EXE Cryptor v1.5.x
- EXE Cryptor 2.0.0 - 2.1.0, 2.2.0 - v2.2.6, 2.3.0 - v2.3.9, 2.2.0 - 2.4.0, 2.4.0 (or newer), 2.xx [unknown version]
- EXE Guard v1.3
- EXE Password 2004 v1.111, 1.112, v1.114, [unknown version]
- EXE Password Lock v1.01
- EXE Prot v1.x
- EXE Protector v2.x
- EXE Safe v2.0
- EXE Shield 2.7, v2.7b, v2.8a, v2.9, v3.6, v3.7
- EXEStealth v2.70, v2.73, v2.74, v2.75, v2.75a
- ExPressor v1.0, v1.1, v1.2, v1.3, v1.4, v1.5
- E-Zip v1.0
- Ion Ice EXE Lock v1.0
- KasperSky Pack
- MazePath EXELockout v3.0
- MoleBox 2.0.0 - v2.3.0, 2.2.3, 2.2.4, 2.2.5, v2.2.6, v2.2.8, v2.3.0, v2.3.3 v2.4.0, v2.5.0, v2.5.5, v2.5.12 - v2.6.3, 2.3.3 - v2.6.4
- Neolite v1.x - v2.x
- NSPack 2.3 - v2.7, v2.9, v3.0, v3.1, v3.3, v3.4, v3.5, v3.6, v3.7, [unknown version]
- nTitles Verifier for .NET
- NTkernelPacker v0.1 (exe + dlls)
- Obsidium v1.0.0.61, v1.1.1.0, v1.1.1.4, v1.2.0.0, v1.2.5.0, v1.3.0.0, v1.3.0.4, v1.3.3.4, v1.3.3.7, v1.3.3.9, v1.3.4.1, [unknown version]
- ORiEN v2.12
- PC Guard v4.06, v5.00, v5.01
- PEBundle v3.xx
- PE Compact v1.00 - v1.3x, v1.40 - v1.50, v1.55, v1.56 - v1.65, v1.66 - v1.84 v2.0 Beta Build 52, v2.00 - v2.10, v2.20 - v2.79, 2.xx [unknown version]
- PE Lock v1.0x
- Petite v1.2, v1.3, v1.4, v2.2, v2.3, [unknown version]
- PKLite32 v1.1
- Private EXE v2.x
- SD Protector v1.12, v1.16
- Special EXE Password Protector
- Shegerd EXE Protector & Anti-Debugger
- Shrinker v3.4, v3.5, [unknown version]
- Softdefender v1.0 - v1.1
- Soft Sentry v3
- Software Compress v1.2, v1.4
- SoftWrap
- SVKP v1.051, v1.11, v1.3x - v1.4x, [unknown version]
- Themida v1.0.0.0 - v1.8.1.0, v1.8.2.0 (or newer)
- Trial Master v2.x
- VBO Watch 3
- Visual Protect
- Vcasm-Protector v1.0
- VM Protect 1.00 - v1.10, 1.20 - v1.50
- WinLicense v1.0.0.0 - v1.8.1.0, v1.8.2.0 (or newer)
- WWPack32 v1.xx
- X-treme Protector v1.00 - v1.06, 1.07 - v1.08, 1.07 BUiLD 12-12-03, 1.08 BUiLD 15-12-03, 1.08 FiNAL


* Installers
- 7 - Zip SFX Setup Module
- AKInstaller Module
- Aquarius Soft Self-Extractor Archive
- Astrum Install Wizard
- AW Install Engine
- BinPatch
- Bitarts Install Wrap
- Blizzard PrePatch Module
- Clickteam Install Maker
- Clickteam Patch Maker
- Create Install 2003
- Gentee Installer
- Ghost Installer
- GKWare SFX Setup
- Inno Setup
- InstallAware Setup Module
- Installer 2 Go
- InstallShield v5.53.168.0, v6.31.100.1221, v7.1.100.1242, v7.7.0.262, v8.x, v9.1.0.429, v10, v10.5, v11, v12
- Install Zip Setup
- IZarc Self Extractor
- Microsoft SFX CAB Module
- Nullsoft SFX Setup
- Paquet Builder - Enhanced Self-Extracting Zip Module
- Patch Wise
- PKSFX Module
- Power Archiver 2003 v8.x SFX Module
- QSetup SFX Kernel
- Red Shift Installation System
- RTPatch Module
- Setup Factory
- SFX Factory!
- Silicon Realms Install Module
- Sony Self-Extracting Packager Archive
- Spoon Installer
- Tarma Installer Module
- VISE Mindvision Wizard
- WinAce Self-Extractor Module
- WinRAR SFX Archive
- WinZip SFX
- Wise Installation Wizard
- Zip Central SFX Module
- Zip SFX Archive
- Z-Up Maker SFX Archive
- Zylom Games Setup Module
Also listed in: Protection Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)



Tool name: RDG Packer Detector
Rating: 0.0 (0 votes)
Author: RDGMax                        
Website: http://www.rdgsoft.8k.com
Current version: 0.6.5
Last updated:
Direct D/L link: Locally archived copy
License type: Free
Description: Packer detector that should be good.

RDG Packer Detector is a detector for packers, Cryptors, Compilators, Packer Scramblers, Joiners, Installers.

-Rapid detection engine.
-Potent detection engine that analyses the whole file,allowing multi-detection of simultaneous packers.
-Allows the creation of your own signatures.
-Contains a crypto-analyzer.
-Calculates file checksums.
-Able to analyze entropy, detecting program compression or encryption state.
-OEP Detector.
-You can check and download signatures from the server, RDG Packer Detector is always up to date.
-Plug-in Loader..
-Signature convertor.
-Detection of false Entry Point tricks.
-De-Binder: an extractor of bundled files.
-Improved heuristic engine.
Also listed in: Compiler Identifiers
More details: Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)


RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Subcategories

There is one subcategory to this category.


Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/Category:Packer_Identifiers"



Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (98)
   Categorized by Tool Type  (626)
   Anti Anti Test Tools  (8)
   Assemblers  (14)
   Code Coverage Tools  (9)
   Code Injection Tools  (17)
   Code Ripping Tools  (1)
   Crypto Tools  (2)
   Data Extraction Tools  (14)
   Debuggers  (26)
   Decompilers  (13)
   Deobfuscation Tools  (5)
   Dependency Analyzer Tools  (3)
   Diff Tools  (26)
   Disassemblers  (25)
   Dongle Tools  (8)
   Exe Analyzers  (22)
   Compiler Identifiers  (4)
   Packer Identifiers  (11)
   Protection Identifiers  (3)
   Firefox Extensions  (1)
   GUI Manipulation Tools  (9)
   Hex Editors  (10)
   Kernel Tools  (5)
   Memory Data Tracing Tools  (6)
   Memory Patchers  (3)
   Memory Search Tools  (6)
   Monitoring Tools  (68)
   Network Tools  (12)
   PE Executable Editors  (42)
   Packers  (10)
   Patch Packaging Tools  (6)
   Profiler Tools  (9)
   Programming Libraries  (23)
   Regular Expression Tools  (3)
   Resource Editors  (7)
   Reverse Engineering Frameworks  (7)
   Source Code Tools  (11)
   String Finders  (5)
   Symbol Tools  (5)
   System Information Extraction Tools  (4)
   Technical PoC Tools  (3)
   Test and Sandbox Environments  (12)
   Tool Extensions  (103)
   Tool Hiding Tools  (1)
   Tool Signatures  (19)
   Tracers  (10)
   Unpacking Tools  (33)
   Needs New Category