Jump to content


Photo

What software to use to read exe files?


  • Please log in to reply
6 replies to this topic

#1 tuckan

tuckan

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 07 September 2005 - 11:13 AM

I was courious what software do you use to read EXE files? What I am looking for is when these garbage ware programs install these files, I would like to be able to read what they are doing (if that is poss). I am not a programer, more a network admin person. I realize there will be a lot of information I would not understand at first, but will learn it. I would like to get a better understanding of what these files are doing. Especially when something new comes out. Maybe this isn't possible but I thought I would ask and see.

Right now I have a computer with a file that keeps re-writing itself and I would like to see if I could pull any information about it. I posted a tread in the malware removal and waiting to see if anybody has heard of this before.

#2 Tuxedo Jack

Tuxedo Jack

    Creator of TuxPE, a Cat5-o'-9-Tails, Etherkillers, and more

  • Expert
  • PipPipPipPipPip
  • 1,758 posts

Posted 07 September 2005 - 01:45 PM

If you don't have unpackers and hex editors, I highly recommend the greatest editing tool ever created on any platform. It edits code, writes pages, creates documents, and on top of all that, it's freeware.

What is it, you ask?

NOTEPAD!
Signature file is under revision. This will be back shortly.

#3 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 10,190 posts

Posted 07 September 2005 - 02:08 PM

I like Filealyzer, by the Spybot-S&D team:
http://www.safer-net...rg/en/download/

#4 nl255

nl255

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 07 September 2005 - 02:29 PM

A couple of relatively easy programs to use would be a hex editor such as XVI32 (freeware) and a program called strings which extracts any text from an executable. If you really know what you are doing, then you might want to try software like ndisasm (disassembler), WinDbg (debugger) or Bochs (emulator with debugger). Keep in mind that WinDbg requires two systems and Bochs is extremely slow as Bochs is an interpretive emulator unlike some others which use virtualization or dynamic recompilation.

#5 tuckan

tuckan

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 07 September 2005 - 02:33 PM

Thanks for replying! I had no idea Notepad would read an EXE file. I just downloaded the filealyz program and will try that also.

#6 JRosenfeld

JRosenfeld

    Advanced Member

  • Full Member
  • PipPipPip
  • 143 posts

Posted 07 September 2005 - 03:52 PM

I think it's somewhat misleading to say that you can use Notepad to 'read' exe files. Usually what it displays will be gibberish to most people and provide few (if any) clues as to what the .exe does (which I gather is what you want to know).

#7 Swandog46

Swandog46

    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 10,190 posts

Posted 07 September 2005 - 10:26 PM

Well, Notepad will display whatever the ASCII equivalent of the binary code in the EXE file is.... so in some sense that is 'reading' the EXE.... but not in a very useful way, of course, you are right. A strings extract is probably a better bet.




Member of UNITE
Support SpywareInfo Forum - click the button