Current location - Quotes Website - Signature design - How to determine whether an EXE file has been packed?
How to determine whether an EXE file has been packed?

1. Entry feature identification method

PEID\FFI and other shell checking tools all use this method

2. File entropy calculation, reference

/s?cl=3&wd=%CE%C4%BC%FE%EC%D8%D6%B5&fr=ikw1000

3. Section method:

Judgment Is the file entry point in the first section? If not, it means it has been packed.

It is recommended to go to [Kanxue Security Forum], there are many similar articles on it.