With winpcap or libpcap I can find the port. But how do I know which app was listening to the port while the package was received? Thank in advance
In general, that information cannot be derived purely from the pcap file.
IP, TCP, and UDP headers have addresses and port numbers, but they don't have anything indicating the application from which they're sent or to which they're being received.
That information would have to be determined on the machine running the application; the way that's done depends on the operating system.