SHANDONG SCIENCE ›› 2014, Vol. 27 ›› Issue (6): 67-72.doi: 10.3976/j.issn.1002-4026.2014.06.011
• Article • Previous Articles Next Articles
WEI Wei,JI Wei
Received:
Online:
Published:
Abstract: An executable file in Windows operating system is usually a PE (Portable Executable) format file. It can be analyzed by some ways. We take a PE file as a subject, and detailedly analyze its structure. We further devise and realize a 32bit PE file analyzer. It can analyze PE format of an executable file, including its MSDOS head, PE header, import and export tables, resource table, etc. It lays the foundation for file split, bundled Trojan, cracked program, encryption and decryption, etc.
Key words: Visual Studio2010, Windows system, PE file, PE analyzer, 32 bits
CLC Number:
WEI Wei,JI Wei. Design and implementation of a 32bit PE file analyzer[J].SHANDONG SCIENCE, 2014, 27(6): 67-72.
0 / / Recommend
Add to citation manager EndNote|Reference Manager|ProCite|BibTeX|RefWorks
URL: https://www.sdkx.net/EN/10.3976/j.issn.1002-4026.2014.06.011
https://www.sdkx.net/EN/Y2014/V27/I6/67
Cited