FREE MALWARE ANALYSIS AND INITIAL ASSESSMENT TOOL FOR WINDOWS

Punniya seelan
0

 PeStudio is a free malware analysis and initial assessment tool for Windows. Here it takes n executable file from you and runs a series of tests to identify malicious threats. It even comes with a built-in VirusTotal scanner. In addition to this, you can also see the details about the artifacts in any executable file and generate a report.

You can inspect certificate, manifest, and file headers of any EXE file and analyze it. If it is a virus or harmful program, then you can spot that. The best part is that, this tool runs all the tests without running or executing the specified executable file. So, you can test and analyze any harmful file with this without having to worrying about your PC.

  • Here are the man highlights of this tool.
  • Spot anomalies.
  • Retrieve scores from VirusTotal.
  • Retrieve metadata and transform RAW data into report.
  • Provide hints and indicators.
  • Consume XML configurations files.
  • Create XML report.

Malware Analysis and Initial Assessment Tool for Windows PeStudio

Free Malware Analysis and Initial Assessment Tool for Windows: PeStudio

You simply start by downloading this tool from here. It runs in portable mode, so you just double-click on it to run it. It has a very simple UI and looks like as shown below.

PeStudio UI

Now, you just either drop an EXE file on its interface or simply open it. It will take a few seconds to process the specified file and will generate the results for you. You can see the results of different test in the different sections of the tool. The vert first one shows the basic details.

PeStudio Overview

In the VirusTotal section, you can see the VT score and detection ratio. This is one of the most important tool as VirusTotal indicator will further stop you from digging in case the file is already a threat. If the file hash doesn’t exist on VirusTotal website, then it might take a minute or two to display the virus scan results.

PeStudio VirusTotal Test

Move to the certificate section and here you can see if the certificate of tool is expired. Software and tools with expired  certificates are not really good, so avoid using them.

PeStudio Certificate

Similarly, you can see the results of the different modules included in this malware assessment analysis tool. If you are an expert in malware analysis, then you will understand more precisely and make a decision whether an executable file is a threat. Also, when it is done processing the file, you can export the data as an XML report.

Final thoughts:

PeStudio is a great malware analysis tool you can have on your PC. You can run static analysis of EXE files in batch mode to create XML report and do much more. All the features are self-explanatory, and you can try i on your own to see if it fits your needs.


Tags:

Post a Comment

0Comments

Post a Comment (0)