PEiD – Popular PE packer/cryptor/compiler detector

PEiD (short for PE iDentifier) is a well-known professional packer/cryptor/compiler detecting tool. It’s so powerful that it can detect the types/signatures of almost any PE file packing tools (at present, the number has been more than 600 kinds). In addition to the official version, AppNee also provides you its full-plugin version, which can be treated as the most perfect one version (contains 60+ plugins and necessary runtime library files: mfc70.dll, msvcr70.dll, rtl70.bpl, vcl70.bpl) on the Internet at present. I do believe reverse engineers or software cracking/unpacking enthusiasts must like it very much.

PEiD mainly utilizes the search and find of characteristic string to finish the signature recognizing work. This is because a variety of programming languages have their respective and fixed startup code section. By this, we can identify what programming language a PE file used to compile it. Besides, PE files processed by a packing program will keep the corresponding packer’s information. Through this, we can identify what packer a PE file used to encrypt it.

In addition, PEiD provides an extensible interface file ‘userdb.txt’, in which users are allowed to customize some signatures. This way, we are able to identify more new PE file’s signature types (the production of signature can be finished with the ‘Add Signature’ plug-in). BTW, there is a universal unpacker among PEiD plug-ins, which can take off most of packers. And, if the import table is damaged after unpacking, it can also automatically call up the ‘ImportREC’ to repair this import table.

// Key Features //

  • It has a superb GUI and the interface is really intuitive and simple.
  • Detection rates are among the best given by any other identifier.
  • Special scanning modes for *advanced* detection of modified and unknown files.
  • Shell integration, Command line support, Always on top and Drag’n’Drop capabilities.
  • Multiple file and directory scanning with recursion.
  • Task viewer and controller.
  • Plugin Interface with plugins like Generic OEP Finder and Krypto ANALyzer.
  • Extra scanning techniques used for even better detection.
  • Heuristic Scanning options.
  • PE details, Imports, Exports and TLS viewers
  • built in quick disassembler.
  • built in hex viewer.
  • External signature interface which can be updated by the user.

// 3 Different and Unique Scanning Modes //

Normal Mode Scans the PE files at their Entry Point for all documented signatures. This is what all other identifiers also do.
Deep Mode Scans the PE file’s Entry Point containing section for all the documented signatures. This ensures detection of around 80% of modified and scrambled files.
Hardcore Mode Does a complete scan of the entire PE file for the documented signatures. You should use this mode as a last option as the small signatures often tend to occur a lot in many files and so erroneous outputs may result.

*** The scanner’s inbuilt scanning techniques have error control methods which generally ensure correct outputs even if the last mode is chosen. The first two methods produce almost instantaneous outputs but the last method is a bit slow due to obvious reasons!

// Included Plugins //

  • UnreaL.DLL
  • advanced_scan.dll
  • AntiSPack.dll
  • crc32.dll
  • Easy Screen 1.3.0.dll
  • eCrap.dll
  • eCrapOepVerify.dll
  • EPScan.dll
  • ExtOverlay.dll
  • ExtractOverlay.dll
  • FC.DLL
  • FileInfo.dll
  • FixCRC.DLL
  • FNE.dll
  • GenOEP.dll
  • GUID.dll
  • IDToText.DLL
  • ImpREC.dll
  • kanal.dll
  • Morphine.DLL
  • oepscan.dll
  • ohfixer_v01.dll
  • Oversaver.dll
  • Patch_Maker_0.5.0.dll
  • PE2HTML.dll
  • PE2HTML.exe
  • PEExtract.DLL
  • PEiDBundle.DLL
  • PESniffer4PEiD.ASM
  • PESniffer4PEiD.DLL
  • PlgLdr.dll
  • PluginEx.dll
  • pluzina.dll
  • pluzina1.dll
  • pluzina4.dll
  • QuickChSum.dll
  • RebuildPE.dll
  • RelocRebuilder.dll
  • SecFix.dll
  • SecTool.DLL
  • Sendspy.dll
  • StringViewer.dll
  • unbero.dll
  • undef.dll
  • UnFakeNinja.DLL
  • unfsg.dll
  • UnitsBrowser.dll
  • UnRCrypt.DLL
  • UnRPolyCrypt.DLL
  • UnUPolyX.dll
  • unupx2.dll
  • UnUPXShit.dll
  • UPXI.dll
  • uupx.dll
  • VerA.dll
  • xInfo.DLL
  • XNResourceEditor_Plugin.DLL
  • XP.dll
  • ZDRx.dll

// Command Line Parameters //

peid -time Show statistics before quitting
peid -r Recurse through subdirectories
peid -nr Don’t scan subdirectories even if its set
peid -hard Scan files in Hardcore Mode
peid -deep Scan files in Deep Mode
peid -norm Scan files in Normal Mode
peid <file1> <file2> <dir1> <dir2> n/a

You can combine one or more of the parameters. For example:

  • peid -hard -time -r c:\windows\system32
  • peid -time -deep c:\windows\system32\*.dll

// System Requirements //

  • Visual Studio .NET 2002 (for MFC70.DLL)
  • Microsoft Visual C++ 2008 Redistributable Package
  • Microsoft Visual C++ 2010 Redistributable Package

// Prompts //

The plugin ‘xInfo.DLL‘ can only work under Windows 32-bit, not supports for Windows 64-bit (causes PEiD to crash/exit instantly).

// Download URLs //

Version Type Download Size
v0.95 Original 384 KB
along with most plugins and runtime library files 2.94 MB

(No Homepage) 

// Related Posts //
Remix OS Player – Most advanced Android app & game emulator for PC
If you would not like to install a full Android OS on your hard disk or USB flash drive using the Remix OS for PC, just want to run some Android apps or ...
[v8.6.6] Power Audio Extractor – Extract audio from video in batch with ease
I believe you must feel the same or similar way - not all favorite music can be found according to their names and then download or buy them. Especially the ones used in video as ...
Easy File Locker – Fully protect personal files and folders with ease
Easy File Locker (EFL for short) is a very compact and user-friendly file/folder all-round protection (locking, hiding, etc.). Any file/folder protected by it will not be able to be accessed, no ...
DEMUL – Irreplaceable 3D arcade game emulator for Windows
As a matter of fact, if you want to perfectly play New Knights of Valour: The Seven Spirits and Fist of the North Star such kind of 3D series of ...
[v0.12] SSF – Best Sega Saturn emulator for Windows
Sega Saturn (SS for short) is Sega's sixth generation of home video game console (32-bit), hence, they named it with the name of the sixth planet 'Saturn' in Solar System. At that time, the most ...
APK-Info – Android APK file info viewer & renamer
APK-Info is a simple but quite practical tiny freeware designed to view the detailed information of Andoird APK installation package and rename APK app under Windows. It was originially created by ZoSTeR from ...
PasswordFox – Firefox username/password viewer, retriever
PasswordFox is a tiny password recovery tool, designed for viewing or recovering user name, password and other related info stored in Mozilla Firefox web browser. By default, PasswordFox will display your password info stored ...
Ikachan – Cave Story-like underwater exploration game
Ikachan is a Cave Story-like, doujin-type underwater cave exploration tiny game written in C++ by Daisuke Amaya (also the developer of Cave Story) of Studio Pixel from Japan, first released in 2000. As ...
Database .NET – Simple, universal multiple-database visual manager
Database .NET is a .NET based All-In-One database manager from Taiwan. It supports managing a dozen of databases and database interfaces at the same time. Portable with single executable file ...
Kali Linux 101 Video Training Courses in one package
Whether you wish to be a hacker who is interested in hacking wireless network, web app, database; cracking password, software....; or want to engage in cyber security related works in the ...
Remix OS Player – Most advanced Android app
[v8.6.6] Power Audio Extractor – Extract audio from
Easy File Locker – Fully protect personal files
DEMUL – Irreplaceable 3D arcade game emulator for
[v0.12] SSF – Best Sega Saturn emulator for
APK-Info – Android APK file info viewer &
PasswordFox – Firefox username/password viewer, retriever
Ikachan – Cave Story-like underwater exploration game
Database .NET – Simple, universal multiple-database visual manager
Kali Linux 101 Video Training Courses in one

  • Copy text content from AppNee: You are welcomed to do this, but do remember one thing: leave us a backlink. Otherwise, finally you will destroy our pay and effort, and get yourself blacklisted/banned by the entire SAYS group.
  • Download link: Any download link does not work, email us to fix it for you.
  • Software version: Want to get newer version of some software, email us.
  • Virus scan: Always remember to do this by yourself using VirusTotal or VirSCAN (more trustworthy). Sometimes, we may forget it or get infected with virus.
  • Email reply: As long as we could take time out from daily work & study, we would manage to answer every email worth to reply as soon as possible.
  • Software recommendation: For excellent software you're finding but we did not share (make sure you searched through AppNee first), please let us know (via the Feedback). Then we will do our best to find all possible resources for you. But, there is no guarantee.
  • Warnning: Before asking any questions, you'd better make sure you have read the post through, and do not use a fake email. Besides, never put too much hope on AppNee, or you will be very disappointed.