Skip to content

0.0.7 PE analysis with Entropy Analysis

Choose a tag to compare

View all tags
@mauricelambert mauricelambert released this 11 Aug 22:12
· 11 commits to main since this release
v0.0.7
de78a0b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This script analyzes MZ-PE (MS-DOS) executable file.

This tool is useful for malware analysis or debug/understand compiled dependencies.

  1. Analyze DLLs and imported functions name
  2. Analyze exported functions name
  3. Get executable filename at the compiled time
  4. Get encodings and languages used for compilation
  5. Get timestamps saved in executable
  6. Get architecture, system version, resources (Version file, Manifest)
  7. Get company name, product name, product version, copyright
  8. Sections names, sizes, addresses and characteristics
  9. When matplotlib and EntropyAnalysis are installed, generate charts for entropy analysis (with sections)
Assets 4
Loading