1. Home
  2. Detection Strategies
  3. Detection of Software Packing

Detection of Software Packing

Technique Detected:  Software Packing | T1406.002

ID: DET0644
Domains: Mobile
Analytics: AN1721, AN1722
Version: 1.0
Created: 21 October 2025
Last Modified: 21 October 2025
Version Permalink

Analytics

AN1721

Application vetting services could look for known software packers or artifacts of packing techniques. Packing is not a definitive indicator of malicious activity, because as legitimate software may use packing techniques to reduce binary size or to protect proprietary code.

Log Sources
Data Component Name Channel
API Calls (DC0112) Application Vetting None

AN1722

Application vetting services could look for known software packers or artifacts of packing techniques. Packing is not a definitive indicator of malicious activity, because as legitimate software may use packing techniques to reduce binary size or to protect proprietary code.

Log Sources
Data Component Name Channel
API Calls (DC0112) Application Vetting None