PortexAnalyzerGUI: Portable Executable and Malware Analysis Library

PortexAnalyzerGUI

Graphical interface for PortEx, a Portable Executable and Malware Analysis Library

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on robustness against PE malformations and on anomaly detection. PortEx is written in Java and Scala and is targeted at Java applications.

Features

  • Header information from MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
  • PE Structures: Import Section, Resource Section, Export Section, Debug Section
  • Scanning for file format anomalies, including structural anomalies and deprecated, reserved, wrong, or non-default values
  • Visualize file structure, local entropies, and byteplot, and save it as PNG
  • Calculate Shannon Entropy, imphash, MD5, SHA256, Rich and RichPV hash
  • Overlay and overlay signature scanning
  • Version information and manifest

Copyright (C) 2022 struppigel