无壳程序与有壳程序的部分实例(Exeinfo PE测试)

时间:2022-11-01 21:00:59


无壳:
(1)MS Visual C# / Basic.NET ] - EP Token : 06000005
(2)TASM / MASM / FASM - assembler - 2015-04-03
(3)Autoit v3.3.12.0 - Jonathan Bennett & AutoIt Team ( 01.06.2014 ) - www.Autoitscript.com/autoit3 - exe stub : Microsoft Visual C++ v.11 - 2012 ( E8 ) microsoft.com
(4)Borland C++ Copyright 2002 Borland Corporation *ACM
(5)Borland C++ 2007-2010 - Embarcadero RAD Studio - Copyright 2009 Embarcadero Technologies, Inc.
(6)Borland Delphi ( 2.0 - 7.0 ) 1992 - borland.com
(7)MS Visual Basic 5.0-6.0 EXE (2015-03-16)
(8)Microsoft Visual C++ ver 5.0/6.0 - 2015-03-17
(9)Microsoft Visual C++ 9.0 - 2008 ( E8 ) Visual Studio 2008 - no sec. Cab/7z/Zip
(10)Microsoft Visual C++ v.12 - 2013 ( E8 ) microsoft.com - no sec. Cab/7z/Zip
(11)E language / EPL v4.x (Easy Programming Language) www.dywt.com.cn - CHN - stub : Microsoft Visual C++ ver 5.0/6.0
(12)E language / EPL v1 - x.x (Easy Programming Language) www.dywt.com.cn - CHN : partial packed

有壳:
(1)Aspack v2.24 - 2.42 ( 2017.06.27 ) -> Alexey Solodovnikov - www.aspack.com *ACM
(2)EP signature (EB08) with Packer ID via “TAGG” - Unknown Packer-Protector , 4 sections - CRC Set - / Self Write code ? unknown Protection [ Size Of Code = 00 Kb - FIX IT ! NSTD ! ]
(3)Themida & WinLicense 2.0 - 2.4.6 - struct (Hide from PE scanners II-V)
(4)UPX -> Markus & Laszlo ver. [ 3.91 ] <- from file. ( sign like UPX packer )
(5)Generic check : VMProtect v.2.07 - X.X 2003-2013 VMProtect Software - www.vmpsoft.com


标签:

相关文章