Program Executable Analyzer
Description
This script analyzes MZ-PE (MS-DOS) executable file.
This tool is useful for malware analysis or debug/understand compiled dependencies.
- Analyze DLLs and imported functions name
- Analyze exported functions name
- Get executable filename at the compiled time
- Get encodings and languages used for compilation
- Get timestamps saved in executable
- Get architecture, system version, resources (Version file, Manifest)
- Get company name, product name, product version, copyright
- Sections sizes and addresses
Requirements
- python3
- Python 3 Standard library
Installation
pip install ProgramExecutableAnalyzer
Usages
ProgramExecutableAnalyzer.py -h
ProgramExecutableAnalyzer.py executable.exe
ProgramExecutableAnalyzer.py -c executable.exe # No color
ProgramExecutableAnalyzer.py -v executable.exe # Verbose mode
Screenshots
Links
Licence
Licensed under the GPL, version 3.