Please select a template

EnCase App Central

Extend the power of EnCase. Access, download and install software apps built by expert EnScript developers that help you get down to business – faster.

Become a Developer

Windows Executable Packer Detection

APPS | Utility

This script uses various methods to detect known executable file packers. The script first parses the structure of the PE data, then uses known characteristics of this structure to identify the packers.

This script was developed for use in EnCase training. For more details, please click the following link:

OpenText EnCase Training

Download Now

DISCUSSION BOARD

FAQ

Version: 1.1.2

Tested with:
EnCase Forensic 7.03

Developer: James Habben

Category: Utility

2990 Downloads

201 Downloads in last 6 months

YOU MAY ALSO LIKE

Utility

Export Result-Set to Project VIC

This script is designed to extract a user-specified result-set to a Project VIC data-set.

By Simon Key
94 Downloads
7 Downloads in last 6 months

Utility

Microsoft Word ASD Document Viewer

This EnScript plugin allows Autosave Document (ASD) files to be extracted and opened with Microsoft Word.

By Simon Key
581 Downloads
54 Downloads in last 6 months

Utility

Multiple Date Range Filter - Entries Only (EnFilter)

This EnScript filter allows the examiner to show/hide entries using multiple date-ranges and one of four different logic options.

By Simon Key
168 Downloads
19 Downloads in last 6 months

Utility

Registry Viewer Plugin

This script allows the examiner to to use a right-click context-menu-option or keyboard shortcut to view Registry hive files (SYSTEM, SOFTWARE, SECURITY, SAM, NTUSER,DAT, etc.).

By Simon Key
756 Downloads
91 Downloads in last 6 months