pe python3 analysis dll executable malware-analysis ms-dos reverse-engineering microsoft windows forensics pe-analysis pe-analyzer security static-analysis

Program Executable Analyzer

Description

This script analyzes MZ-PE (MS-DOS) executable file.

This tool is useful for malware analysis or debug/understand compiled dependencies.

Analyze DLLs and imported functions name
Analyze exported functions name
Get executable filename at the compiled time
Get encodings and languages used for compilation
Get timestamps saved in executable
Get architecture, system version, resources (Version file, Manifest)
Get company name, product name, product version, copyright
Sections sizes and addresses

Requirements

python3
Python 3 Standard library

Installation

pip install ProgramExecutableAnalyzer

Usages

ProgramExecutableAnalyzer.py -h
ProgramExecutableAnalyzer.py executable.exe
ProgramExecutableAnalyzer.py -c executable.exe  # No color
ProgramExecutableAnalyzer.py -v executable.exe  # Verbose mode

Screenshots

Links

Licence

Licensed under the GPL, version 3.

About

This script analyzes MZ-PE (MS-DOS) executable file

pe python3 analysis dll executable malware-analysis ms-dos reverse-engineering microsoft windows forensics pe-analysis pe-analyzer security static-analysis

GNU General Public License v3.0

Languages

Language:Python 100.0%