SHANDONG SCIENCE ›› 2014, Vol. 27 ›› Issue (6): 67-72.doi: 10.3976/j.issn.1002-4026.2014.06.011

• Article • Previous Articles     Next Articles

Design and implementation of a 32bit PE file analyzer

WEI Wei,JI Wei   

  1. Department of Computer and Information Technology, Boustead College, Tianjin University of Commerce, Tianjin 300384, China
  • Received:2014-07-01 Online:2014-12-20 Published:2014-12-20

Abstract: An executable file in Windows operating system is usually a PE (Portable Executable) format file. It can be analyzed by some ways. We take a PE file as a subject, and detailedly analyze its structure. We further devise and realize a 32bit PE file analyzer. It can analyze PE format of an executable file, including its MSDOS head, PE header, import and export tables, resource table, etc. It lays the foundation for file split, bundled Trojan, cracked program, encryption and decryption, etc.

Key words: Visual Studio2010, Windows system, PE file, PE analyzer, 32 bits

CLC Number: 

  • TP319