Malware Initial Assessment

Malicious executables often attempt to hide their behavior and evade detection. In doing so, they exhibit anomalies and suspicious patterns. Pestudio is a free tool for performing an initial assessment of a malware sample without infecting a system or studying its code.


Pestudio works on any Windows machine without installation. Its footprint is zero – it makes no modifications to the system. Since the tool never starts the executable being analyzed, one does not even need a sandbox to analyze malware. There is essentially no risk of infection.



Features:

Transform raw data into information;

Spot anomalies;

Detect embedded files;

Collect imports, exports, strings, resources, ...;

Provide hints, indicators, groups;

Provide MITRE ATT&CK indicators;

Retrieve scores from VirusTotal;

Consume configuration files;

Create XML report.
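The kind of static check described above, as an added example (not Pestudio's code or its detection logic): a read-only parser that flags a writable-and-executable section, high-entropy section data and a second PE header inside the file. The function names, the 7.0 entropy threshold and the sample image are assumptions constructed for illustration.

```python
import math
import struct
from collections import Counter

SEC = "<8sIIIIIIHHI"                                  # IMAGE_SECTION_HEADER, 40 bytes
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000       # section characteristics flags

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; values near 8 suggest packed or encrypted data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def pe_offset(image: bytes, base: int = 0) -> int:
    """Offset of the PE signature for the MZ header at base, or -1 if there is none."""
    if image[base:base + 2] != b"MZ" or len(image) < base + 0x40:
        return -1
    pe = base + struct.unpack_from("<I", image, base + 0x3C)[0]   # e_lfanew
    return pe if image[pe:pe + 4] == b"PE\0\0" else -1

def triage(image: bytes) -> list[str]:
    """Read-only checks on the raw bytes; the file is never loaded or executed."""
    pe = pe_offset(image)
    if pe < 0 or len(image) < pe + 24:
        return ["not a PE image"]
    nsect, opt_size = struct.unpack_from("<H12xH", image, pe + 6)
    findings = []
    for i in range(nsect):
        off = pe + 24 + opt_size + 40 * i
        if off + 40 > len(image):
            findings.append("section table runs past end of file")
            break
        f = struct.unpack_from(SEC, image, off)
        name, raw = f[0].rstrip(b"\0").decode("latin-1"), image[f[4]:f[4] + f[3]]
        if f[9] & MEM_EXECUTE and f[9] & MEM_WRITE:
            findings.append(f"{name}: writable and executable")
        if entropy(raw) > 7.0:                        # assumed threshold
            findings.append(f"{name}: high entropy")
    for pos in range(1, len(image)):                  # a second MZ/PE header marks an embedded file
        if pe_offset(image, pos) >= 0:
            findings.append(f"embedded PE at 0x{pos:x}")
    return findings

def build_sample() -> bytes:
    """Constructed input: one W+X section of high-entropy bytes, then an appended PE stub."""
    def headers(sections: bytes, count: int) -> bytes:
        coff = struct.pack("<HHIIIHH", 0x14C, count, 0, 0, 0, 0, 0x102)
        return b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0" + coff + sections
    sec = struct.pack(SEC, b".text", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0xE0000020)
    return headers(sec, 1).ljust(0x200, b"\0") + bytes(range(256)) * 2 + headers(b"", 0)
```

Calling `triage(build_sample())` returns the three findings for the constructed image; a file without a valid MZ/PE header yields `["not a PE image"]`.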


There are two different versions of Pestudio - Standard and Pro.

