
PEframe – Tool To Perform Static Analysis On Malware

PEframe is an open source tool for static analysis of Portable Executable (PE) malware and other suspicious files. It helps malware researchers detect packers, XOR, digital signatures, mutexes, anti-debug and anti-virtual machine code, suspicious sections and functions, and much more information about the suspicious files.

Requirements:

  • Python 2.7.x

Installation:

  • To install with pip (the command pulls the master archive from GitHub):
# pip install https://github.com/guelfoweb/peframe/archive/master.zip
  • To install from source:
$ git clone https://github.com/guelfoweb/peframe.git
$ cd peframe
# python setup.py install


Note: For a Windows environment, you need to follow the instructions here:

Usage:

$ peframe <filename>            Short output analysis

$ peframe --json <filename>     Full output analysis JSON format

$ peframe --strings <filename>  Strings output
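
To show what a "suspicious sections" check involves, the following added example (not PEframe's code and not taken from the project) walks a PE section table and flags sections with high entropy or with both write and execute permissions. It assumes Python 3 and the standard library only; the 7.0 entropy threshold, the function names, and the sample image with its `.packed` section are constructed for illustration.

```python
import math
import struct

SCN_MEM_EXECUTE, SCN_MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_* flags

def entropy(data):
    """Shannon entropy in bits per byte; values near 8 suggest packed or encrypted data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def suspicious_sections(pe, threshold=7.0):
    """Map section name -> reasons, for high-entropy or writable+executable sections."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (nsect,) = struct.unpack_from("<H", pe, e_lfanew + 6)       # COFF NumberOfSections
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)   # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                            # first section header
    findings = {}
    for i in range(nsect):
        name, _, _, raw_size, raw_ptr, _, _, _, _, flags = struct.unpack_from(
            "<8sIIIIIIHHI", pe, table + 40 * i)
        reasons = []
        h = entropy(pe[raw_ptr:raw_ptr + raw_size])
        if h > threshold:
            reasons.append("high entropy %.2f" % h)
        if flags & SCN_MEM_WRITE and flags & SCN_MEM_EXECUTE:
            reasons.append("writable and executable")
        if reasons:
            findings[name.rstrip(b"\0").decode("ascii", "replace")] = reasons
    return findings

def build_sample():
    """Constructed two-section PE image (no optional header), for demonstration only."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x0102)
    data = 0x40 + 24 + 2 * 40                                   # raw data follows headers
    def sec(name, ptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, 512, 0, 512, ptr, 0, 0, 0, 0, flags)
    plain = sec(b".text", data, 0x60000020)                     # code, R+X
    odd = sec(b".packed", data + 512, 0xE0000020)               # code, R+W+X
    return dos + coff + plain + odd + b"\x90" * 512 + bytes(range(256)) * 2

if __name__ == "__main__":
    print(suspicious_sections(build_sample()))
```

High entropy alone is only a hint: compressed resources and embedded certificates also score high, so treat a flagged section as a lead for further triage rather than a verdict.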
