peframe - PE static analysis tool


GPLv2
Linux
Python

Software introduction

peframe is a command-line tool for static analysis of malicious PE files. Main features:

  • Hash MD5 & SHA1
  • PE file attributes
  • Version info & metadata
  • PE Identifier Signature
  • Section analyzer
  • Imported DLLs & API functions
  • Search for suspicious API & sections
  • Dumping all the information
  • Extract all the strings
  • Extract all the URLs
  • Reverse Hex dump
  • List Entry instances

Introduction content from pulog