Table Of Contents
PE
Bastardized version of the COFF format The standard file format for exe,dll,sys,src files Portable on all windows OS and all cpus. PE files loaded onto the disc are the exact same format as it would be when loaded into memory
Good At:
- Holds 90% of information about a malware
- Import Tables
- Bypasses Packing
Structure
Unlike COM-type executables (where execution starts at the first byte), PE file format to tell us where exactly we start.
Image
