Which technique is used to compress malware into a smaller footprint and pack it to evade detection?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which technique is used to compress malware into a smaller footprint and pack it to evade detection?

Explanation:
Compressing malware into a smaller footprint and packing it to evade detection is the job of a packer. A packer compresses the executable and wraps it with a small loader that unpacks the original code in memory when it runs. This reduces the on-disk footprint and changes the binary’s structure enough to avoid simple signature checks, which also makes static analysis harder. Because the loader reconstructs the payload only at runtime, security tools see the packed stub first rather than the actual code. The other options do different jobs: a crypter primarily encrypts the payload to hide its contents; an obfuscator makes the code harder to understand without necessarily shrinking the file or unpacking at runtime; and a downloader fetches additional malware rather than packing the current one.
