Static malware analysis with PEpper

PEpper is an open source tool for performing static malware analysis on Portable Executable (PE) files.




root@kali:~# git clone

root@kali:~# cd PEpper

root@kali:~# pip3 install -r requirements.txt

root@kali:~# python3 ./malware_dir



CSV output

Application features

  • Suspicious entropy ratio
  • Suspicious name ratio
  • Suspicious code size
  • Suspicious debugging time-stamp
  • Number of exports
  • Number of anti-debugging calls
  • Number of virtual-machine detection calls
  • Number of suspicious API calls
  • Number of suspicious strings
  • Number of YARA rule matches
  • Number of URLs found
  • Number of IPs found

And much more…


  • Can be run on a single PE or on multiple PEs (placed in a directory)
  • The results are saved (in the same directory) as output.csv
  • To use the VirusTotal scan, add your private key to "" (Internet connection required)
