Demo: UPX

Choose a file that contains strings, and run:

upx -o <packedFileName> <fileToPack>
strings <fileToPack> | wc
strings <packedFileName> | wc

What do you see?

$ strings test_malware.exe
# full words and potential error messages

$ upx -o packed test_malware.exe

$ strings packed
# no human-readable strings

$ strings test_malware.exe | wc
700 1978 15062

$ strings packed | wc
659 716 4029

PreviousPacked and Obfuscated Malware NextPortable Executable File Format (PE)

Last updated 4 years ago