PE packer with randomized VM ISA per output file (C++)

iamsopotatoe2 pts0 comments

GitHub - iamsopotatoe-coder/TinyLoad: simple PE packer/crypter for Windows. compresses and encrypts executables with a custom virtual machine into a self-extracting stub. · GitHub


TinyLoad V4.0

simple PE packer for Windows. compresses and encrypts executables with a custom virtual machine into a self-extracting stub.

how it works

TinyLoad appends your compressed payload to a copy of itself. when the packed exe runs it uses a custom VM interpreter, executes the decryption bytecode against the payload, then loads and runs it directly in RAM.

every time you pack a file the VM opcodes are randomly shuffled and baked into the stub. So every packed file speaks a different instruction set. standard disassemblers can't auto-trace the decryption without reversing the interpreter first.

everything is in one .cpp file, no dependencies.
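A triage check for the layout described above, where the payload is appended after the stub's own sections. This is an added example, not code from the TinyLoad project: it locates the overlay from the section table and measures its entropy. The function names, the thresholds and the sample PE built inline are all assumptions made for illustration.

```python
import math
import struct

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 suggest compressed or encrypted data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def find_overlay(pe: bytes):
    """Return (offset, size, entropy) of bytes past the last section's raw data."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew, = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    num_sections, = struct.unpack_from("<H", pe, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", pe, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size          # first IMAGE_SECTION_HEADER
    end = table + 40 * num_sections           # headers end here at the earliest
    for i in range(num_sections):
        raw_size, raw_ptr = struct.unpack_from("<II", pe, table + 40 * i + 16)
        if raw_size:                          # no raw data, no file bytes
            end = max(end, raw_ptr + raw_size)
    end = min(end, len(pe))
    overlay = pe[end:]
    return end, len(overlay), shannon_entropy(overlay)

def looks_packed(pe: bytes, min_size=1024, min_entropy=7.0) -> bool:
    """Triage heuristic; both thresholds are assumptions, tune on your own corpus."""
    _, size, entropy = find_overlay(pe)
    return size >= min_size and entropy >= min_entropy

def build_sample(overlay: bytes) -> bytes:
    """Constructed input: minimal PE skeleton with one .text section plus overlay."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 0, 0x22)
    sect = b".text\0\0\0" + struct.pack("<IIIIIIHHI", 0x200, 0x1000, 0x200,
                                        0x200, 0, 0, 0, 0, 0x60000020)
    return (dos + coff + sect).ljust(0x200, b"\0") + b"\x90" * 0x200 + overlay

if __name__ == "__main__":
    print(find_overlay(build_sample(bytes(range(256)) * 16)))
```

The check trusts the raw offsets and sizes in the section table. The page does not say how v4's section scrambling alters them, so a zero-size overlay here does not rule out a packed file.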

download

grab a precompiled binary from releases or build it yourself.

building from source

you need MinGW (g++) installed. just run:

g++ -o TinyLoad.exe TinyLoad.cpp -static -O2 -s

or use the included build.bat.

usage

TinyLoad.exe --i <input> [--o <output>] [--vm] [--c]

flag    description
--i     input exe to pack
--o     output path (default: input_packed.exe)
--vm    custom VM encryption
--c     LZ77 compression

examples

TinyLoad.exe --i myapp.exe --c
TinyLoad.exe --i myapp.exe --o packed.exe --vm --c
TinyLoad.exe --i myapp.exe --vm

you need at least one of --vm or --c.

compression

custom LZ77 with hash-chain matching, 64KB sliding window, and lazy evaluation. typically gets decent ratios on PE files since they have a lot of repeated structure. compression runs on the raw input first, then VM encryption is applied on top so patterns in the compressed stream are also hidden.

vm encryption

v4 uses a custom 32-opcode virtual machine. the opcode table is randomly shuffled at pack time — every packed file gets a different ISA. the decryption logic is stored as bytecode with the keys embedded as immediates directly in the program.

v4 introduces Opaque Predicates into the VM to stall static analysis, and PE Section Scrambling to trick auto-unpackers into missing the payload overlay. It also includes basic anti-debug checks (IsDebuggerPresent, CheckRemoteDebuggerPresent) directly integrated into the loader stub.

the cipher itself is a 128-bit stream cipher using rotl/rotr key mixing, run entirely through the VM so there's no native decryption loop to fingerprint.


license

MIT

Sidenotes

This works on all files i tested it on, if it breaks on some of your files please open an issue to let me know.

If you want to suggest any improvements or future updates please open an issue.

if you use it, a star helps a lot.

Check out our blog at https://iamsopotatoe-coder.github.io/TinyLoad/#blog for future updates and changelogs!

Tinyload v4.0 adds anti-debugging, VM opaque predicates, and PE section scrambling

Please do not use this tool to pack any malicious software or malware, it is intended to be used for legitimate purposes.
