Features
Yet Another Packer currently contains two main methods of obfuscation: the packer and the reassembler. The packer wraps the original application in a protective layer to prevent static analysis, along with additional features like anti-debug and anti-dump to make dynamic analysis more difficult. The reassembler disassembles the application and assembles it again using YAP's mutation engine.
Packer
- Dynamic shellcode generation & mutation
- Import obfuscation & emulation
- Delayed entry point
- DLL sideloading mitigations
- Direct syscalls
- Anti-dump
- Anti-debug
- Packer immitation
- Masquerading
- SDK integration
Reassembler
- Mutation
- Optional stripping of useless header data, debug symbols, and the DOS stub.
- SDK integration
Take a peek
| Feature | Unprotected | Protected |
|---|---|---|
| Packer |  |
 |
| Reassembler |  |
 |