TinyLoad
simple PE packer with LZ77 compression and custom VM encryption for Windows executables.
simple PE packer with LZ77 compression and custom VM encryption for Windows executables.
v7 adds runtime memory encryption, overlay structural obfuscation, and tamper detection. The payload is never fully decrypted in memory at any point — pages are decrypted on first access and re-encrypted after 200ms of idle time.
Previous versions protected the payload at rest and wiped imports on load. v7 ensures the payload is never fully decrypted in memory at any given moment — even if an analyst dumps the process, most pages are encrypted XOR noise. The watchdog re-encrypt cycle means the window to capture decrypted code is at most 200ms per page.
The overlay hardening means finding where the payload starts requires extracting and hashing the stub's .text section to derive stubKey. The chunk splitting, interleaving, and encrypted metadata make static overlay carving impractical.
v6 doesn't just hide the payload — it hides the stub itself. Every major function is now flattened through indirect dispatch tables, the VM interpreter has no recognizable switch statement, and the opcode decoder is split across four independently-keyed tables.
tryRun is broken into 6 stages dispatched through a function pointer table — no linear flow to trace. The PE loader (runInMem) is split into 5 stages using the same pattern.noiseDecrypt() fires at scattered points — every stage, every 64 VM iterations. Real sdec2 calls (IAT hooking) are drowned in identical-looking decoys. Dynamic traces become useless.
v5 protected the payload. v6 protects the protector. Every major code path in the stub now runs through indirect function calls — the control flow graph is a web, not a tree. The VM interpreter has no switch statement to fingerprint. String decryption calls that used to be precise markers for "here's where the stub reads encrypted data" are now indistinguishable from noise. An analyst can't tell which sdec2 call is real and which is a decoy without executing every path.
The split opcode decoder means even if you recover one subtable key — perhaps by guessing that HLT always maps to opcode 0 — you only get 8 opcodes. The remaining 20 are behind three different keys derived from different data.
v5 doubles down on anti-analysis. The payload is now worthless without the stub at runtime — dumping from memory gets you a broken executable with no import table.
Previous versions protected the payload at rest. v5 protects it at runtime too — even if an analyst dumps the decrypted payload from memory, they get an exe with no import table, IAT entries pointing to dead addresses, and no way to automatically remap them. They'd have to manually reverse every IAT slot by its stub address.
v4 is finally here. We focused heavily on anti-analysis and hardening to make TinyLoad practically invisible to standard debuggers and automated unpackers.
A virtual machine is great for hiding the decryption routine, but it doesn't help if an analyst can just step through it or dump the unpacked payload from memory right before execution. The new anti-debugging mechanisms prevent them from even starting the debugging process.
The section scrambling completely breaks automated tools that rely on specific packer signatures, forcing analysts to manually reverse the VM just to figure out where the payload actually lives.
TinyLoad is a simple tool for packing Windows executables. it compresses the input file and encrypts the payload using a custom virtual machine. when the packed executable runs, it spins up a VM interpreter, decrypts the payload, and loads it directly into RAM.
the whole thing is one .cpp file with no external dependencies.
TinyLoad.exe --i app.exe --c
TinyLoad.exe --i app.exe --o packed.exe --vm --c
TinyLoad.exe --i app.exe --vm --c --veh
| Flag | What it does |
|---|---|
--i <file> |
input executable to pack |
--o <file> |
output path, defaults to inputname_packed.exe |
--vm |
encrypt payload with custom VM, randomized ISA every build |
--c |
compress with LZ77 |
--veh |
VEH page-fault decryption |
custom hash-chain LZ77 with a 64KB sliding window and deep chain search. uses lazy match evaluation to pick better matches. compression runs on the raw PE first, then VM encryption is applied on top so patterns in the compressed stream are also hidden.
a custom 28-opcode VM interpreter is embedded in the stub. at pack time the opcode table is split into four 8-entry subtables, each XOR-encrypted with an independent key — so every packed file has a different instruction set spread across multiple decode layers. the decryption program is stored as bytecode with 128-bit keys embedded as immediate values. v6 replaces the switch-based dispatch with a computed-goto jump table built from encrypted label offsets.
--veh maps all PE section pages as PAGE_NOACCESS. A vectored exception handler decrypts pages on first access and restores their original section protection (PAGE_EXECUTE_READ for .text, PAGE_READONLY for .rdata). A watchdog thread re-encrypts pages after 200ms of inactivity with a 256-slot LRU cache. Memory dumps capture only recently-accessed pages — cold pages remain encrypted XOR noise.
grab the source on GitHub or download the latest build: releases.