PE Anatomist(PE文件解析器)v0.2.11511便携版

PEAnatomist是一个用于分析PE文件内部数据结构。PE文件 (Portable Executable) 就是可移植性可执行文件，它支持解析 EXE、DLL、SYS、OCX、SCR、CPL、TLB、OLB、MUI、IME、BPL、OBJ、EXP、LIB 等 PE 文件格式。

加载文件后，软件会解析出 PE 数据结构，并做一定的数据分析，可查看的信息包括 DOS Header、File Header、Optional Header、Signature、Section、DLL Import、ResourCEs、Base Relocations、IAT 等。

使用管理员权限运行 PEAnatomist.exe 的话，还可以设置文件关联，直接从可执行文件右键菜单调用PE Anatomist进行解析。

制作与使用说明

本软件为便携版本，下载解压后直接执行主程序PEAnatomist.exe即可，可将要分析的文件直接拖入 PE Anatomist 窗口。

软件配置保存在PEAnatomist.cfg文件中。

彻底清理本绿色版请以管理员权限执行 [Uninstall].bat 脚本。

更新日志

Fixed the error in determining the minor version of VS 2017-2019 when decoding the Rich signature (regression 0.1.13 and 0.1.14)

Fixed decoding of RT_STRING resources in the presence of incorrect data

Added tab with detailed description of PE resource headers

Resource tab redone to list without grouping by resource type

Fixed sorting of the list of resources

The procedure for parsing the resource directory has been changed, new criteria for data correctness have been added

Fixed processing of the settings file during the first launch of the program

Corrected the behavior of the COFF character parser in the presence of incorrect info about long symbol names

Fixed the bug of constructing the context menu for listview in virtual mode

Fixed saving the selected file type filter in the "Open file" dialog

Fixed incorrect recognition of UTF16 lines in rare cases

Added page of detected ANSI and UTF16 lines in PE file

Added CodeView Debug Info parsing for OBJ files

Added CodeView Debug Symbols parsing for OBJ files

Added parsing of CodeView Types for OBJ files

Added parsing of new CodeView Debug Symbol records up to S_REGREL32_INDIR_ENCTMP inclusive

Added parsing of new CodeView Type leafs up to and including LF_INTERFACE2

Added parsing of type information in OBJ files compiled by MSVC with the /GL flag or others in MS ILStore format

PE Anatomist shows almost all known data structures inside PE, OBJ or LIB files and makes some analytics.