Description: In this episode of TekTip we cover using peframe to help automate static analysis of Portable Executable (PE) files. While MASTIFF (which we covered extensively) determines a file type and then runs the appropriate tools based on that type, peframe focuses specifically on PE files, or what we generally consider standard Windows executables. This focus allows peframe to pull out some great data that we don't see (at least not yet) in other static analysis frameworks.
Peframe was created by Gianni Amato (@guelfoweb) and added to the CAINE digital forensics distro.
@TekDefense
www.TekDefense.com
1aN0rmus@TekDefense.com
www.youtube.com/user/TekDefense
Tags: Malware, Malware analysis, Static, peframe, python, 1aN0rmus, TekDefense, TekTip
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.