1. The web installer has a pretty inefficient design. Firstly, it stores all its files (unpacked/downloaded) into the present working directory. Secondly, for determining the capabilities of the CPU, it unpacks a file called "cpucheck.exe" in the present working directory, which gets executed; which in turn creates a "cpucheck.txt" file, which is read by the installer.
Shouldn't unpacked/downloaded files be kept in %temp%? And as for determining 32/64 bit, isn't it better to simply do it programatically?
2. Why is it so heavily packed? (I'm sure that you have some good intents behind this, but I just wanted to ask.)
Code: Select all
C:\>trid palemoon-websetup.exe
TrID/32 - File Identifier v2.10 - (C) 2003-11 By M.Pontello
Definitions found: 5114
Analyzing...
Collecting data from file: palemoon-websetup.exe
41.1% (.EXE) UPX compressed Win32 Executable (30569/9/7)
35.7% (.EXE) Win32 EXE Yoda's Crypter (26569/9/4)
8.8% (.DLL) Win32 Dynamic Link Library (generic) (6581/28/2)
6.0% (.EXE) Win32 Executable (generic) (4508/7/1)
2.7% (.EXE) Win16/32 Executable Delphi generic (2072/23)
Code: Select all
C:\>upx -d palemoon-websetup.exe
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2013
UPX 3.09 Markus Oberhumer, Laszlo Molnar & John Reiser Feb 18th 2013
File size Ratio Format Name
-------------------- ------ ----------- -----------
2116135 <- 789543 37.31% win32/pe palemoon-websetup.exe
Unpacked 1 file.
Code: Select all
Unable to access resource data.
Disk read error! File may be damaged.