I remember at one point a few years ago I got my hands on what must have been a PDF with a big layout of all the important PE structures, with arrows pointing to where links and references are. I printed this in A4 letter size and stuck it somewhere visible... it came in handy many a times.

I can't seem to find this big graph anywhere though. I've tried searching various forums to no avail.

Does this spark anyone's memory?

You probably mean one made by Ero Carrera, I have my own copy at hxxp://sigsegv.pl/pub/info/PE%20Format.pdf

Not exactly the one I was looking for, but this will certainly do Oh yes... thank you very much!

FYI, here's the original: https://www.openrce.org/reference_library/files/reference/PE%20Format.pdf ("https://www.openrce.org/reference_library/files/reference/PE%20Format.pdf")

Hehe, I tried to find this one on OpenRCE quick before posting but I failed.

Does anyone know of any other graph?

When I get my hands on the one I am talking about (I printed it), I'll scan it here, try to OCR and post it.

@comrade: what wrong with the original microsoft document ?

http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx

Open it, print it as pdf and there you go. IMHO there is no better document out.

Regards,
OHPen

Amazing what you find when you're not looking for it. Another one for this thread, pretty basic compared to the earlier one mentioned though.

PE File Structure Poster by CB
http://beanprojects.co.uk/wp-content/uploads/2010/02/PEStructurePoster.pdf

http://beanprojects.co.uk/?p=25


My favorite when tracing something has always been

Exe file format with offsets rather than explanations
http://www.woodmann.com/IDArchive/ID-RIP/database/essays/fboyjoe/exe_hdr.html