[Packer] Add ASPack/ASProtect detection #52

New Issue

Closed

opened 2026-01-29 21:05:24 +00:00 by claunia · 2 comments

claunia commented 2026-01-29 21:05:24 +00:00

Owner

Copy Link

Originally created by @TheRogueArchivist on GitHub (Jan 12, 2022).

Both packers are actually still around today, though the new version of ASProtect seems to referred to as ASProtect 32/64. ASProtect 2.x seems to be referred to as ASProtect SKE, with either one version in common use, or PiD's version detection lacking. ASPack still seems to be available under the same name, ASPack identification should be relatively easy, as I see "aspack" inside of the header of the samples I've seen. I haven't seen that string, nor any equivalent, in ASProtect. This makes sense, since ASPack seems to be advertised as a more budget friendly packer that doesn't have as much emphasis on security. I assume ASProtect is essentially a form of ASPack+Security, but that's just a guess.

Official site: http://www.aspack.com/
ASPack unpacker: https://gist.github.com/abhisek/3659931
ASProtect RE: https://github.com/pstolarz/asprext

Originally created by @TheRogueArchivist on GitHub (Jan 12, 2022). Both packers are actually still around today, though the new version of ASProtect seems to referred to as ASProtect 32/64. ASProtect 2.x seems to be referred to as ASProtect SKE, with either one version in common use, or PiD's version detection lacking. ASPack still seems to be available under the same name, ASPack identification should be relatively easy, as I see "aspack" inside of the header of the samples I've seen. I haven't seen that string, nor any equivalent, in ASProtect. This makes sense, since ASPack seems to be advertised as a more budget friendly packer that doesn't have as much emphasis on security. I assume ASProtect is essentially a form of ASPack+Security, but that's just a guess. Official site: http://www.aspack.com/ ASPack unpacker: https://gist.github.com/abhisek/3659931 ASProtect RE: https://github.com/pstolarz/asprext

claunia closed this issue 2026-01-29 21:05:24 +00:00

claunia commented 2026-01-29 21:05:25 +00:00

Author

Owner

Copy Link

@mnadareski commented on GitHub (Jul 12, 2022):

https://unprotect.it/technique/aspack/

@mnadareski commented on GitHub (Jul 12, 2022): https://unprotect.it/technique/aspack/

claunia commented 2026-01-29 21:05:25 +00:00

Author

Owner

Copy Link

@mnadareski commented on GitHub (Jul 12, 2022):

Implemented in 8fb42bc12d

@mnadareski commented on GitHub (Jul 12, 2022): Implemented in https://github.com/mnadareski/BurnOutSharp/commit/8fb42bc12d94521559c961275897ba81b64336c0

claunia referenced this issue 2026-01-29 21:07:28 +00:00

[PR #52] [MERGED] Concurrent protection scans per file #256

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

rolling

3.5.0

3.4.6

3.4.5

3.4.4

3.4.3

3.4.2

3.4.1

3.4.0

3.3.4

3.3.3

3.3.2

3.3.1

3.3.0

3.2.3

3.2.2

3.2.1

3.2.0

3.1.16

3.1.15

3.1.14

3.1.13

3.1.12

3.1.11

3.1.10

3.1.9

3.1.8

3.1.7

3.1.6

3.1.5

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

3.0.2

3.0.1

3.0.0

2.9.0

2.8.0

2.7.0

2.6.0

2.5.0

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

2.1.0

2.0.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.1

1.5.0

1.4.1

1.4.0

1.03.9.1

1.03.9

1.03.8.2

1.03.8.1

1.03.8.0

1.03.7.1

1.03.5

1.03.7

1.03.6

Labels

Clear labels

bug

enhancement

help wanted

pull-request

Mirrored from GitHub Pull Request

question

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claunia

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: SabreTools/BinaryObjectScanner#52