TinyLoad v6 — split opcode tables, encrypted dispatch, and control flow flattening

TinyLoad v6 is out. if you haven't seen it before — it's a PE packer for Windows. one .cpp file, no dependencies, MIT. repo here.

v5 hardened the stub itself with encrypted strings, IAT wiping, and opmap obfuscation. v6 goes after the two biggest remaining fingerprints: the switch statement in the VM interpreter, and the single contiguous opcode table. both are gone.

the problem with a switch statement

every version of TinyLoad up to v5 had a vmRun function with a giant switch(op) dispatching 28 opcode handlers. this is the most fingerprint-able thing in any custom VM — disassemblers recognise the pattern immediately, and once you have the handler layout you can reconstruct what each opcode does without ever running the code.

v6 replaces it entirely with a computed-goto dispatch table using GCC's &&label extension: