Hiding protector signature !

Hi,

Can I hide the remove the protector signature from the protected files .. so no one will be able to know which protector I use ?? and for that they have to unpack it manually .

Thanks

I don't think that there is a general way, it is not something that like "all protectors have a dword at location this and this and this dword is 123 for this protector, 456 for that protector, etc". All have their own characteristics, and different protector identifiers use different characteristics too.

[Kyrios]

Morphine ??

[Crudd[RET]]

Check out this thread: http://exetools.com/forum/showthread.php?t=6226
Its only a few days old. And dont forget about the search function .
Crudd [RET]

That was indeed the same question as i did ask a few days ago, but like Crudd already said, it aint that easy to just remove the section name with a PE editor because most packers/protecters do use crc check in the protected files, so when you remove the section name you also have to fix the crc.

Some protectors offer you the option to give their section a blank or another name, but most signature detecting tools dont look to the section name but to an internal signature or code patterns. (if i did understand it right)

EXECryptor 2.x can't detected tools like PEID and can't produce stable signatures in protected exe's

some file identifiers uses a few started bytes form executrable to find out the protector type, if you want to hide this you can manually change the first code (that is hard to do) or you can write own protector , tha's the way too
but now, PE identifilers uses more advanced techniqes to detect the protector..