PE (portable executable) file pack detection method based on static characteristics
The invention discloses a PE (portable executable) file pack detection method based on static characteristics. Before a target PE file is actually unpacked, static analysis of the file's characteristics is used to detect whether the file is packed. Only packed PE files need to be handed to a general unpacking tool, and the unpacked code is then scanned for viruses by anti-virus software. Because PE files that are not actually packed no longer have to be processed by the general unpacking tool, and because pack detection based on static characteristics has short time consumption, a low false-positive rate and a low false-negative rate, the virus detection process is improved and processing time is saved.
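The abstract does not say which static characteristics the method inspects. The following added example, which is not the patent's own code, assumes two widely used ones (a section that is both writable and executable, and high byte entropy in an executable section) and routes each file the way the abstract describes. The 7.0 threshold, the function names, the routing labels and the sample images are all constructed for this example.

```python
import math
import struct

ENTROPY_LIMIT = 7.0  # assumed threshold in bits per byte, not taken from the abstract
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* section flags

def entropy(data):
    """Shannon entropy in bits per byte (0 for empty data)."""
    counts = [data.count(b) for b in set(data)]
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts)

def sections(pe):
    """Yield (name, raw bytes, characteristics) for each section header."""
    if pe[:2] != b"MZ" or len(pe) < 0x40:
        raise ValueError("not an MZ image")
    nt, = struct.unpack_from("<I", pe, 0x3C)  # e_lfanew
    if pe[nt:nt + 4] != b"PE\0\0" or len(pe) < nt + 24:
        raise ValueError("missing PE header")
    count, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    table = nt + 24 + opt_size  # section table follows the optional header
    for off in range(table, table + 40 * count, 40):
        if off + 40 > len(pe):
            raise ValueError("truncated section table")
        name = pe[off:off + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr, flags = struct.unpack_from("<II12xI", pe, off + 16)
        yield name, pe[raw_ptr:raw_ptr + raw_size], flags

def static_indicators(pe):
    """Return the packing indicators found without executing the file."""
    hits = []
    for name, raw, flags in sections(pe):
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            hits.append(name + ": writable and executable")
        if flags & MEM_EXECUTE and entropy(raw) > ENTROPY_LIMIT:
            hits.append(name + ": high-entropy executable data")
    return hits

def route(pe):
    """Send only flagged files to the unpacker; the rest go straight to AV."""
    return "generic-unpacker" if static_indicators(pe) else "av-scan"

def build_sample(name, body, flags):  # constructed one-section PE, demo input only
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sec = name.ljust(8, b"\0") + struct.pack(
        "<6I2HI", len(body), 0x1000, len(body), 128, 0, 0, 0, 0, flags)
    return dos + coff + sec + body

PLAIN = build_sample(b".text", b"\x55\x8b\xec\x90" * 256, 0x60000020)
PACKED = build_sample(b".pack", bytes(range(256)) * 4, 0xE0000020)
```

Real detectors combine more characteristics than these two, since compressed resources or installers can also raise entropy without the code being packed.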