18
5
Is there any way to detect (or to hide) the compiler that was used to build an executable file?
18
5
Is there any way to detect (or to hide) the compiler that was used to build an executable file?
12
PEiD is pretty good
PEiD detects most common packers, cryptors and compilers for PE files. It can currently detect more than 600 different signatures in PE files.
PEiD is special in some aspects when compared to other identifiers already out there!
- It has a superb GUI and the interface is really intuitive and simple.
- Detection rates are amongst the best given by any other identifier.
- Special scanning modes for advanced detections of modified and unknown files.
- Shell integration, Command line support, Always on top and Drag'n'Drop capabilities.
- Multiple file and directory scanning with recursion.
- Task viewer and controller.
- Plugin Interface with plugins like Generic OEP Finder and Krypto ANALyzer.
- Extra scanning techniques used for even better detections.
- Heuristic Scanning options.
- New PE details, Imports, Exports and TLS viewers
- New built in quick disassembler.
- New built in hex viewer.
- External signature interface which can be updated by the user.
8
Try the *nix utility strings. Using strings -a foo.exe
should produce a pile of results. Redirect to a file and examine in your favorite editor. You may see either a line that directly implicates a specific compiler, such as Borland C++ - Copyright 2002 Borland Corporation. You might only be able to find lines that imply a specific compiler was used, such as in an include path or whatever.
Strings is also available for windows as part of cygwin, or as part of the microsoft sysinternals package.
It doesn't show me the compiler name only some dll names project – Eduardo Xavier – 2014-03-25T12:57:28.683
3
(Old but okay..)
Language 2000 : http://farrokhi.net/language
1
Not free, but IDA Pro has a very nice compiler detection. Not it's main function of course, but a nice extra.
0
If you can find a way to examine the first dozen or so bytes of the EXE file, in a hex dump with corresponding ASCII characters displayed, they will usually indicate the compiler used.
This usually isn't true. The first part of a PE file is the DOS stub which is usually a program that prints something like "This program cannot be run in DOS mode." – lesderid – 2011-10-12T13:11:40.693
1i was wondering if someone or some software can find if the exe was build with a specific compiler edition (Visual Studio 2010 Professional or Enterprise or Express) – Remus Rigo – 2009-12-08T22:35:37.640
-1
You can use "dependency walker" to check what runtime library it links to. MSVCP100 is Microsoft Visual C++ 2010 x86
If it cannot detect the compiler something like Nothing found [Overlay] * will be shown - which is confusing if you use that tool for the first time. – mbx – 2014-11-17T13:30:06.870
"The site ahead contains harmful programs" - Google Chrome. Here's a better link.
– Ben N – 2016-04-03T15:57:32.4704"PEiD detects most common [...] compilers for PE files." that's what the readme says - actually it does not tell how to achive that – mbx – 2011-08-18T00:42:49.677
@Sathya Note, the included link is now dead. – DuckMaestro – 2012-12-05T01:06:56.850
@DuckMaestro updated witi an alternative link – Sathyajith Bhat – 2012-12-05T02:58:45.813