pepack - check if a PE file is packed
pepack [OPTIONS]... pefile
pepack uses a pre-defined database to check packer signatures patterns in PE file. If no database is set, pepack tries to identify if executable is packed. It’s part of pev, the PE file analysis toolkit.
pefile is a PE32/PE32+ executable or dynamic linked library file.
−d, −−database <database>
Use database file (default: ./userdb.txt).
−f, −−format <text|csv|xml|html>
Change output format (default: text)
−V, −−version
Show version and exit.
|
−−help |
Show help. |
Check sample.exe for packers signatures:
$ pepack sample.exe
Please, check the latest development code and report at https://github.com/mentebinaria/readpe/issues
ofs2rva(1), pedis(1), pehash(1), peldd(1), peres(1), pescan(1), pesec(1), pestr(1), readpe(1), rva2ofs(1)
Copyright (C) 2012 - 2020 pev authors. License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/gpl-2.0.txt>. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.