Run-time binary packers are used in malware manufacturing to obfuscate the contents of the executable files. Such packing has proved an obstacle for antivirus software that relies on signatures, as the binary contents of packed malware often bears no resemblance to the original code on which the signature was generated. A naive approach, then, is to first attempt to unpack the malware before applying a signature. Unfortunately, malware authors make use of automated tools that drastically reduce the cost of constructing new packers, and as a result, attackers routinely use previously unseen packer when releasing new malware. As a first step towards addressing this problem, we seek to build a binary program classifier that can differentiate packers and identify new packers as they emerge. We hypothesize that programs generated from the same packer share many common attributes (e.g., PE header fields) and that these may be used for packer identification. Preliminary work shows that for some packers, we may be able to build effective classifiers. This is only the first step in a line of research that seeks to identify new packers, automate their unpacking, and ultimately track new versions of malware as they emerge.