Up One Level


Compressors / Packers

 

Compressors, or Packers are legitimate compression utilities which will compress (make smaller) Windows® program files - .EXE files. In a similar way to using a popular file compression utility such as WinZip before e-mailing, compressors do the same for executable files. However, unlike WinZiped files, which require to be decompressed before loading, compressed executables run in their new state. Because of this, the executable will pass through any anti-virus scanning engine because the virus signature has been modified and the anti-virus software will not recognize it.

There are many free and available compression utilities and these have been responsible for many of the Trojan variant programs and worms which have caused so much damage. Here are a few examples of common compressors, AS-pack, PECompact, Petite, PKLite, NeoLite, Shrinker and WWpack32.

With such compressed files being able to circumvent your anti-virus software, what options are available? According to one hackers site, "The only way to stop an executable from harming your PC is to run it in a proactive "sandbox" environment and monitor its behaviour for malicious activity in real-time."


*** The Information Security Glossary ***
Previous PageTop of this pageNext Page



Buy Now:

 

This Glossary forms part of the RUsecure Security Policy Suite... visit RUsecure Security Policy World
Use of the guidance contained within RUsecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word
 Risk Associates: Resources for Security Risk Analysis, ISO 17799 / BS7799, Security Policies and Security Audit