MalScan is a simple PE File Heuristics Scanners written in python that you can use to quickly analyze a PE file and find out whether anything suspicious exists. It is a simple tool so doesn't offers much fancy features. You are free to extend it or do whatever you want with it.
- Information About file such as MD5, SHA1, Timestamp
- PEiD Signature Check
- Custom Yara Rules Integration
- Section, Imports, Exports, Resources and TLS Callbacks Overview
- Provides some custom heuristics :-)
You need to have Python 2.7 installed on your machine. The additional requirement is yara-python.
git clone https://github.com/Ice3man543/MalScan.git . cd MalScan python malscan.py
Simply run with the name of file you want to check.
Want to contribute? Great!
You can add more featrues or recommend any changes to the existing ones. Any kind of help is appreciated.
BSD 2-Clause "Simplified" License
Meet me on Twitter: @Ice3man543
- The Awesome PEiD project
- Malware Analysts Cookbook
- Any other malware resource that this tool contains code from :-)