本文介绍了检测exe 32/64位的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 29岁程序员，3月因学历无情被辞！ 我如何手动[没有任何额外的脚本/程序]看看Windows可执行文件是否为32/64位？ 我一直在环顾四周，发现应该怎样一直是我的答案。 在60字节中，据我所知，下面的数字是假设出现的。 I386 0x014c IA64 0x0200 AMD64 0x8664 $ hr 编辑 跳转到PE偏移量后，我仍然没有看到机器类型。我做了一个Find&没有看到任何匹配[除非由于某种原因而接近底部]。 64 86 06 00不在上面的列表中，所以我不知道我在做什么错。 记事本.exe（64bit） 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E8 00 00 00 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 6D 6F 64 65 2E 0D 0D 0A 24 00 00 00 00 00 00 00 83 C2 32 29 C7 A3 5C 7A C7 A3 5C 7A C7 A3 5C 7A CE DB D8 7A C6 A3 5C 7A CE DB C9 7A C5 A3 5C 7A CE DB CF 7A DA A3 5C 7A C7 A3 5D 7A 33 A3 5C 7A CE DB DF 7A D3 A3 5C 7A CE DB D5 7A CC A3 5C 7A CE DB C8 7A C6 A3 5C 7A CE DB CD 7A C6 A3 5C 7A 52 69 63 68 C7 A3 5C 7A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 B3 C9 5B 4A 00 00 00 00 00 00 00 00 F0 00 22 00 0B 02 09 00 00 A8 00 00 00 58 02 00 00 00 00 00 70 35 00 00 00 10 00 00 00 00 00 00 01 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 06 00 01 00 06 00 01 00 00 00 00 00 00 50 03 00 00 06 00 00 49 E7 03 00 02 00 40 81 00 00 08 00 00 00 00 00 10 01 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 F8 CF 00 00 2C 01 00 00 00 40 01 00 60 F1 01 00 00 30 01 00 B4 06 00 00 00 00 00 00 00 00 00 00 40 03 00 B8 00 00 00 10 B7 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E0 02 00 00 38 01 00 00 00 C0 00 00 F0 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2E 74 65 78 74 00 00 00 70 A7 00 00 00 10 00 00 00 A8 00 00 00 06 00 00 00 00 00 00 00 00 00 00 解决方案 60个字节出现的不是m achine类型，但PE头的偏移量。 （在这种情况下，0x00000100：256字节。）PE头开始：'P'，'E'，00,00。之后是机器类型。 How do I manually [without any extra scripts/programs] see if a Windows executable is 32/64 bit?I have been looking around and found what should have been my answer.At 60 bytes in, the numbers below is suppose to appear, as far as I understand.I386 0x014cIA64 0x0200AMD64 0x8664EditAfter jumping to the PE offset, I still did not see the machine type. I did a Find & did not see any matches [unless its near the bottom for some reason].64 86 06 00 is not in the list above, so I dont know what I am doing wrong. Notepad.exe (64bit)4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 E8 00 00 000E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 6869 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 206D 6F 64 65 2E 0D 0D 0A 24 00 00 00 00 00 00 0083 C2 32 29 C7 A3 5C 7A C7 A3 5C 7A C7 A3 5C 7ACE DB D8 7A C6 A3 5C 7A CE DB C9 7A C5 A3 5C 7ACE DB CF 7A DA A3 5C 7A C7 A3 5D 7A 33 A3 5C 7ACE DB DF 7A D3 A3 5C 7A CE DB D5 7A CC A3 5C 7ACE DB C8 7A C6 A3 5C 7A CE DB CD 7A C6 A3 5C 7A52 69 63 68 C7 A3 5C 7A 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 <--B3 C9 5B 4A 00 00 00 00 00 00 00 00 F0 00 22 000B 02 09 00 00 A8 00 00 00 58 02 00 00 00 00 0070 35 00 00 00 10 00 00 00 00 00 00 01 00 00 0000 10 00 00 00 02 00 00 06 00 01 00 06 00 01 0006 00 01 00 00 00 00 00 00 50 03 00 00 06 00 0049 E7 03 00 02 00 40 81 00 00 08 00 00 00 00 0000 10 01 00 00 00 00 00 00 00 10 00 00 00 00 0000 10 00 00 00 00 00 00 00 00 00 00 10 00 00 0000 00 00 00 00 00 00 00 F8 CF 00 00 2C 01 00 0000 40 01 00 60 F1 01 00 00 30 01 00 B4 06 00 0000 00 00 00 00 00 00 00 00 40 03 00 B8 00 00 0010 B7 00 00 38 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 E0 02 00 00 38 01 00 0000 C0 00 00 F0 07 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 002E 74 65 78 74 00 00 00 70 A7 00 00 00 10 00 0000 A8 00 00 00 06 00 00 00 00 00 00 00 00 00 00 解决方案 What appears 60 bytes in isn't the machine type but the offset of the PE header. (In this case, 0x00000100: 256 bytes.) The PE header begins: 'P', 'E', 00, 00. What comes after that is the machine type. 这篇关于检测exe 32/64位的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！ 上岸，阿里云！