Analyze executable files without running them, checking its dependencies and components, exported and forwarded functions, and more #Application analyzer #EXE inspector #Analyze EXE #Analyzer #Inspector #Executable
The ways malware spreads have become more variate over time but executable files remain a widely-used attack vector. Usually, it only takes a double click to launch an executable file and, in fact, get the host computer infected. Having that in mind, PeStudio provides an initial malware testing tool that can take a look at an executable without actually opening it, so as to spot suspicious modifications to the original file.
There is nothing complicated when it comes to using PeStudio. Although there is no help menu or indications, the interface is simple and understanding how things work is extremely easy. Intuitively, you start by loading the input file.
The application can check out various file formats, including EXE, DLL, CPL, OCX, AX, SYS and others. To make things even easier, drag and drop is supported, which means it is enough to add a program onto the main window to initiate the scan.
The analysis starts right away and PeStudio displays insightful information about a file’s properties. It reveals the hash codes, its size and entropy, the compile and the debugger stamps, all to be able to check the integrity of the file.
Furthermore, PeStudio can reveal details about various file indicators and signatures. It can show you if a file contains another file and show you file references, offer you information about DOS and file headers, directories, sections and libraries. It reveals resources, bound imports, exported symbols, strings and debug information, as well as the file’s manifest and version. The VirusTotal scan results is also shown.
With all this information, experienced users can determine hard-coded URLs and IP addresses, thus finding out if the file has been tampered with. The entire report can be saved to XML format.
The goal of PeStudio is to provide a quick way to inspect executable files without having to run them. Evidently, it cannot replace a reliable antivirus solution but it does allow you to get a detailed report about the way an executable file was built.
What's new in PeStudio 9.58:
- Fix an issue when fetching the Virustotal report
- Fix a bug when detecting libraries
- Extend indicators
PeStudio 9.58
add to watchlist add to download basket send us an update REPORT- runs on:
-
Windows 11
Windows 10 32/64 bit
Windows 8 32/64 bit
Windows 7 32/64 bit - file size:
- 1.1 MB
- filename:
- pestudio-9.58.zip
- main category:
- Programming
- developer:
- visit homepage
Windows Sandbox Launcher
4k Video Downloader
7-Zip
Zoom Client
IrfanView
calibre
Context Menu Manager
Microsoft Teams
Bitdefender Antivirus Free
ShareX
- Microsoft Teams
- Bitdefender Antivirus Free
- ShareX
- Windows Sandbox Launcher
- 4k Video Downloader
- 7-Zip
- Zoom Client
- IrfanView
- calibre
- Context Menu Manager