How to disassemble Win32 DLLs and EXEs under linux

Step by step

  1. You have to get a good binutils version source tarball (e.g. from I used 2.9. 2.9.1 is supposed to be OK. Versions like are linux specific and support for other targets is (sometimes) broken.
  2. See the file README in the base directory of the package for help on configure and make.
  3. You now have two alternatives:
  4. Make.
  5. Run the resulting objdump (it's in the binutils/ directory, or you can install it) on your file.
    $ ./objdump --disassemble /mnt/c/windows/system/driver.dll


The BFD target for MS-Windows95/98 DLLs/EXEs is pei-i386. Objdump detects this format automagically so you don't need to bother about it.

Much of the junk in the windows/ directory of even Win98 is 16-bit code. Objdump can't disassemble it.