![]() Right-clicking any item displays an option to search for it in Google or MSDN. Sometimes there's a DIRECTORY_ENTRY_DEBUG section which shows you when the EXE was compiled, and its location on the developer's hard drive.Ī "Strings in file" section locates strings of characters in the file and organises them into four categories: ASCII, Unicode, URL and Registry. (This relies on the Windows API but should still work just fine in most situations.) If the EXE has a digital signature then a DIRECTORY_ENTRY_SECURITY section gives you details on its name, date and more. NT Header > Optional Header has an item indicating whether it's a GUI or console program. NT Header > File Header tells you whether this is a 32 or 64-bit EXE. While this is aimed at experts, there are elements here that could be helpful to anyone. You're able to edit sections, view entropy and MD5 calculations, dump elements of the file, even browse it in depth with a built-in hex editor. ![]() ![]() Professional PE Explorer is a tiny free tool for investigating executable files: EXE, DLL, SYS, SCR, OCX and more.ĭrag and drop the suspect file, potential malware or whatever else onto the program and a left-hand tree lists some of its structures: DOS Header, NT Header, Section Headers, assorted directory entries and more. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |