摘要： 对可执行文件加壳是保护软件的一种有效方法。但常用的加壳软件采用的是一种静态加壳技术，所有被加壳后的可执行文件都具有部分相同的代码，这样就增加了软件被破解的可能性，不能完全满足PE文件保护的需求。针对这一不足，在分析PE文件格式和加载机制的基础上，提出PE文件动态加壳的思想，设计和实现了一种PE文件动态加壳软件。试验结果表明其可以有效地提高PE文件的自我保护能力。

关键词: PE文件, 加壳, 多态引擎, 变形

Abstract: It is an effective method to protect software by packing Portable Executable(PE) files. But the technology which is commonly used by most packing software is a statically packing technology, and it exists a shortage that all the PE files packed by the same packing software have partly uniform code, thus increases the possibility of the packed software being decrypted, which can not fully satisfy the requirement to protect PE files. Based on the analysis of the PE file format and loading mechanism, this paper proposes the idea of dynamically packing for PE files, designs and implements a prototype of dynamically packing for PE files. The experimental results show dynamically packing technology can be used to improve the protection capability of PE files.

Key words: PE files, packing, polymorphic engine, metamorphism

中图分类号: 

• TP393.08