PortexAnalyzerGUI - Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library
Download
Releases pageFeatures
- Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
- PE Structures: Import Section, Resource Section, Export Section, Debug Section
- Scanning for file format anomalies
- Visualize file structure, local entropies and byteplot, and save it as PNG
- Calculate Shannon Entropy, Imphash, MD5, SHA256, Rich and RichPV hash
- Overlay and overlay signature scanning
- Version information and manifest
- Icon extraction and saving as PNG
- Customized signature scanning via Yara. Internal signature scans using PEiD signatures and an internal filetype scanner.
Supported OS and JRE
I test this program on Linux and Windows. But it should work on any OS with JRE version 9 or higher.Future
I will be including more and more features that PortEx already provides.These features include among others:
- customized visualization
- extraction and conversion of icons to .ICO files
- dumping of sections, overlay, resources
- export reports to txt, json, csv
Donations
I develop PortEx and PortexAnalyzer as a hobby in my free time. If you like it, please consider buying me a coffee: https://ko-fi.com/struppigelAuthor
Karsten HahnTwitter: @Struppigel
Mastodon: struppigel@infosec.exchange
Youtube: MalwareAnalysisForHedgehogs
