Computer Hacking Forensic Investigator (CHFI v10) — Question 256
An investigator has acquired packed software and needs to analyze it for the presence of malice. Which of the following tools can help in finding the packaging software used?
Answer options
- A. SysAnalyzer
- B. PEiD
- C. Comodo Programs Manager
- D. Dependency Walker
Correct answer: B
Explanation
PEiD is specifically designed to detect the packers, cryptors, and compilers used on executable files, making it the ideal tool for this task. In contrast, SysAnalyzer is more focused on behavior analysis, Comodo Programs Manager manages installed software, and Dependency Walker analyzes dependencies rather than identifying packing software.