NAME¶

PEframe - perform static analysis on portable executable malware

SYNOPSIS¶

peframe [options] FILENAME

DESCRIPTION¶

PEframe is a open source tool to perform static analysis on Portable Executable malware and generic suspicious files. It can help malware researchers to detect packer, xor, digital signature, mutex, anti debug, anti virtual machine, suspicious sections and functions, and much more information about the suspicious files.

OPTIONS¶

--json: Enable full JSON output
--strings: Enable strings output.

EXAMPLES¶

peframe malware.exe

peframe --json malware.exe

peframe --strings malware.exe

AUTHOR¶

This tool is currently maintained by Gianni 'guelfoweb' Amato, who can be contacted at guelfoweb@gmail.com or twitter @guelfoweb. Suggestions and criticism are welcome.

04 January 2019

PEframe 5.0.1+git20170303.0.e482def+dfsg

Source file:	peframe.1.en.gz (from peframe 5.0.1+git20170303.0.e482def+dfsg-3)
Source last updated:	2019-01-04T20:12:06Z
Converted to HTML:	2020-08-08T10:11:18Z