Run include exe from memory

eriksradio · Post by **eriksradio** » Wed Sep 10, 2003 12:13 am

If CreateFile(1, "xxxx.exe")
UseFile(1)
L1= ?ExitProc-?Inc
WriteData(?Inc,L1)
CloseFile(1)
Goto BeginProgram
Inc:
IncludeBinary "xxxx.exe"
ExitProc:
EndIf

This works perfectly and produces "xxxx.exe" in the application directory.

Is it possible to extract this file to memory and run it from there
without producing the "xxxx.exe" file.

I am a newbie so lots to learn.

sec · Post by **sec** » Wed Sep 10, 2003 6:37 am

Hear same *packer* program .

Seldon · Post by **Seldon** » Wed Sep 10, 2003 7:05 am

It's possible to run it from memory (UPX works like that), but it is not that easy.. as you must reproduce the system PE-program launcher and that means to work with system structures, etc.. I think you could find informations about that on Google. I'd suggest you to include your .EXEs as resources and not like program data (IncludeBinary). In this way, you won't load them in system memory till you'll extract them. See my post on Tricks section of this forum.

eriksradio · Post by **eriksradio** » Thu Sep 11, 2003 4:18 am

Seldon wrote:It's possible to run it from memory (UPX works like that), but it is not that easy.. as you must reproduce the system PE-program launcher and that means to work with system structures, etc.. I think you could find informations about that on Google. I'd suggest you to include your .EXEs as resources and not like program data (IncludeBinary). In this way, you won't load them in system memory till you'll extract them. See my post on Tricks section of this forum.

Thanks Seldon,
I have read your res article.
Looks like I will have a bit of homework to do, but that is the fun of it.