
Static malware analysis with PEpper

13/05/2020 11:10 by Anastasis Vasileiadis

PEpper is an open source tool for performing static malware analysis on Portable Executable (PE) files.


Installation

    git clone https://github.com/Th3Hurrican3/PEpper/
    cd PEpper
    pip3 install -r requirements.txt
    python3 pepper.py ./malware_dir

 

Snapshots

[Four screenshots of PEpper's output]

CSV output

[Screenshot of the CSV output]

Application features

  • Suspicious entropy ratio
  • Suspicious name ratio
  • Suspicious code size
  • Suspicious debugging time-stamp
  • Number of exports
  • Number of anti-debugging calls
  • Number of virtual-machine detection calls
  • Number of suspicious API calls
  • Number of suspicious strings
  • Number of YARA rule matches
  • Number of URLs found
  • Number of IPs found

And much more…
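
To make the first two features in the list concrete, here is an added example (not PEpper's own code) that walks a PE section table and reports the fraction of sections with high entropy and with uncommon names. The 7.0 threshold, the name list, the reading of "ratio" as a per-section fraction, and the sample image are all assumptions made for illustration.

```python
import math
import struct
from collections import Counter

# Assumed values for illustration; PEpper's own thresholds and name list may differ.
ENTROPY_LIMIT = 7.0
COMMON_NAMES = {".text", ".data", ".rdata", ".rsrc", ".reloc", ".idata",
                ".edata", ".pdata", ".bss", ".tls"}

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def sections(pe):
    """Yield (name, raw_bytes) for each entry in the PE section table."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    off, = struct.unpack_from("<I", pe, 0x3C)            # e_lfanew
    if pe[off:off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    count, = struct.unpack_from("<H", pe, off + 6)       # NumberOfSections
    opt_size, = struct.unpack_from("<H", pe, off + 20)   # SizeOfOptionalHeader
    table = off + 24 + opt_size
    for hdr in range(table, table + 40 * count, 40):
        name = pe[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", pe, hdr + 16)
        yield name, pe[raw_ptr:raw_ptr + raw_size]

def ratios(pe):
    """Return (high-entropy fraction, uncommon-name fraction) over all sections."""
    secs = list(sections(pe))
    high = sum(entropy(data) > ENTROPY_LIMIT for _, data in secs)
    odd = sum(name not in COMMON_NAMES for name, _ in secs)
    return (high / len(secs), odd / len(secs)) if secs else (0.0, 0.0)

def build_sample():
    """Constructed two-section image: padding-like .text plus a packed-looking section."""
    def header(name, ptr, size):
        return name.ljust(8, b"\0") + struct.pack("<IIII", size, 0, size, ptr) + b"\0" * 16
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    base = len(dos) + len(coff) + 2 * 40
    return (dos + coff + header(b".text", base, 512) + header(b"UPX0", base + 512, 512)
            + b"\x90" * 512 + bytes(range(256)) * 2)

if __name__ == "__main__":
    print(ratios(build_sample()))
```

High entropy alone also occurs in legitimately compressed resources, so these fractions are triage signals to combine with the other indicators rather than a verdict.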

Note

  • Can be run on a single PE or on multiple PEs (placed in a directory)
  • The results are saved as output.csv in the same directory as pepper.py
  • To use the VirusTotal scan, add your private key to "virustotal.py" (Internet connection required)

Static malware analysis with PEpper was last modified: 3 June, 2020, 8:28 pm by Anastasis Vasileiadis
