PortexAnalyzerGUI: Portable Executable and Malware Analysis Library

PortexAnalyzerGUI

Graphical interface for PortEx, a Portable Executable and Malware Analysis Library

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala and targeted at Java applications.

Features

  • Header information from MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
  • PE Structures: Import Section, Resource Section, Export Section, Debug Section
  • Scanning for file format anomalies, including structural anomalies and deprecated, reserved, wrong, or non-default values
  • Visualize file structure, local entropies, and byteplot, and save them as PNG
  • Calculate Shannon Entropy, imphash, MD5, SHA256, Rich and RichPV hash
  • Overlay and overlay signature scanning
  • Version information and manifest

Download

Copyright (C) 2022 struppigel
