top of page

Malware Initial Assessment

Malicious executables often attempt to hide their behavior and evade detection. By doing so, they present anomalies and suspicious patterns. Pestudio is a free tool that allows you to perform an initial assessment of a malware without even infecting a system or studying its code.


Pestudio works on any Windows machine without installation. Its footprint is zero – it makes no modifications to the system. Since the tool never starts the executable being analyzed, one does not even need a sandbox to analyze malware. There is essentially no risk of infection.



Features:

⤷ Transform RAW data into information;

Spot anomalies;

Detect embedded files;

Collect imports , exports, strings, resources , ...;

Provide hints, indicators, groups;

Provide @ MITREattack indicators;

Retrieve scores from @ Virustotal;

Consume configurations files;

Create XML report.


There are two different versions of PeStudio - Standart and Pro:


Screenshoots:





38 views0 comments

Recent Posts

See All

Cyrillic Alphabet

Exploring the Cyrillic Alphabet: A Beginner's Guide Have you ever come across the Cyrillic alphabet and wondered what it's all about? Maybe you've seen it on Russian websites, or perhaps you've notice

MacOS | Recording a Packet Trace

A packet trace is a record of traffic traveling across the network. It’s useful for investigating complex network problems related to both correctness and performance. Once you start a packet trace on

DNS Guard

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse

Comments


bottom of page