peframePE靜態(tài)分析工具

peframe是一款命令行下的惡意PE文件靜態(tài)分析工具,主要特點(diǎn):

• Hash MD5 & SHA1
• PE file attributes
• Version info & metadata
• PE Identifier Signature
• Section analyzer
• Imported DLLs & API functions
• Search for suspicious API & sections
• Dumping all the information
• Extract all the string
• Extract all the url
• Reverse Hex dump
• List Entry instances

   

介紹內(nèi)容來(lái)自 pulog