SHANDONG SCIENCE ›› 2014, Vol. 27 ›› Issue (6): 67-72.doi: 10.3976/j.issn.1002-4026.2014.06.011

• Article • Previous Articles     Next Articles

Design and implementation of a 32bit PE file analyzer

WEI Wei,JI Wei   

  1. Department of Computer and Information Technology, Boustead College, Tianjin University of Commerce, Tianjin 300384, China
  • Received:2014-07-01 Published:2014-12-20 Online:2014-12-20

PDF (PC)

Like

Abstract: An executable file in Windows operating system is usually a PE (Portable Executable) format file. It can be analyzed by some ways. We take a PE file as a subject, and detailedly analyze its structure. We further devise and realize a 32bit PE file analyzer. It can analyze PE format of an executable file, including its MSDOS head, PE header, import and export tables, resource table, etc. It lays the foundation for file split, bundled Trojan, cracked program, encryption and decryption, etc.

Key words: Visual Studio2010, Windows system, PE file, PE analyzer, 32 bits

CLC Number: 

  • TP319

Open Access This article is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0), which permits third parties to freely share (i.e., copy and redistribute the material in any medium or format) and adapt (i.e., remix, transform, or build upon the material) the articles published in this journal, provided that appropriate credit is given, a link to the license is provided, and any changes made are indicated. The material may not be used for commercial purposes. For details of the CC BY-NC 4.0 license, please visit: https://creativecommons.org/licenses/by-nc/4.0

鲁ICP备10205608号
Website Copyright © Editorial Office of Shandong Science
Tel: 0531-82605310 E-mail: xuxy@qlu.edu.cn
Powered by Beijing Magtech Co. Ltd