ephex - SpybotWiki

Copyright © 2000-2008
Safer Networking Ltd.
All rights reserved.

ephex

[Page] [Discussion] [View source] [History]

Jump to: navigation, search

`ephex`
Variants	`ephex`
Previously
Group	Binary Anywhere Matching
Version	advcheck.dll ??? < 1.5.4.5

Bytes with offset from entry point, ?? as wildcard allowed.

Contents

1 Usage
- 1.1 Examples
- 1.2 Description
2 See also
- 2.1 Similar parameters
- 2.2 Similar commands

Usage

ephex=<offset(int)>|<hh>[hh[hh[hh[hh]...]]]

Examples

ephex=0|558BEC83C4F0

Would detect the following code at the entry point of the file:

PUSH EBP
MOV EBP, ESP
ADD ESP, F0

Description

Use offset to specify an offset to the file entry point (has to be a Portable Executable file).

See also

Similar parameters

Similar commands

Retrieved from "http://wiki.spybot.info/index.php/Ephex"

Categories: Advanced file parameters | Advanced file parameters for Binary Anywhere Matching