- Detect file signature
- Detect hard-coded URLs and IP addresses
- Collect metadata
- Collect imports, exports, strings
- Retrieve the rich-header, manifest, resources
- Compute imphash
- Retrieve the score from virustotal
Threre are two different versions of pestudio. The professional version of the tool has unique features.
Analysis of executable in a non-professional context.
Analysis of executable in a professional context.
© Marc Ochsenmeier