A Simple PE File Heuristics Scanner
Latest commit 773505a Mar 11, 2018
LICENSE
README.md Fixed Typos Mar 11, 2018
UserDB.txt Added Project Files Mar 11, 2018
malscan.py Added Project Files Mar 11, 2018
ncat.exe.log Added Project Files Mar 11, 2018
pefile.py Added Project Files Mar 11, 2018
peutils.py Added Project Files Mar 11, 2018
usage_example.png

README.md

MalScan

MalScan is a simple PE file heuristics scanner written in Python that you can use to quickly analyze a PE file and find out whether it contains anything suspicious. It is a simple tool, so it doesn't offer many fancy features. You are free to extend it or do whatever you want with it.

Things Supported

  • Information about the file, such as MD5, SHA1 and timestamp
  • PEiD Signature Check
  • Custom Yara Rules Integration
  • Section, Imports, Exports, Resources and TLS Callbacks Overview
  • Provides some custom heuristics :-)
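
To make the file-information and section-overview items concrete, here is an added example (not MalScan's own code) that parses the PE headers with only the Python 3 standard library. The three heuristics, the 7.0 entropy threshold and the two-section sample image are constructed assumptions, not taken from the project.

```python
import hashlib, math, struct, time
from collections import Counter

MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000  # IMAGE_SCN_MEM_* section flags

def entropy(data):
    """Shannon entropy in bits per byte (0 for empty data)."""
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values())

def scan(data):
    """Return hashes, link timestamp and per-section heuristic flags for a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    _, nsect, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    report = {"md5": hashlib.md5(data).hexdigest(),
              "sha1": hashlib.sha1(data).hexdigest(),
              "timestamp": time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(stamp)),
              "sections": []}
    table = pe_off + 24 + opt_size  # section table follows the optional header
    for i in range(nsect):
        name, vsize, _, rsize, rptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        ent = entropy(data[rptr:rptr + rsize])
        flags = []
        if ent > 7.0:  # assumed threshold: compressed or encrypted content
            flags.append("high-entropy")
        if chars & MEM_EXECUTE and chars & MEM_WRITE:
            flags.append("writable+executable")
        if rsize == 0 and vsize > 0:  # nothing on disk, filled in at run time
            flags.append("zero-raw-size")
        report["sections"].append((name.rstrip(b"\0").decode("latin-1"), round(ent, 2), flags))
    return report

def build_sample():
    """Constructed two-section PE image (headers and filler data), not a real binary."""
    text, packed = b"\x90" * 512, bytes(range(256)) * 2
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 1520726400, 0, 0, 0, 0x102)
    first = 64 + 24 + 2 * 40  # raw data starts after both section headers
    s1 = struct.pack("<8sIIIIIIHHI", b".text", 512, 0x1000, 512, first, 0, 0, 0, 0, 0x60000020)
    s2 = struct.pack("<8sIIIIIIHHI", b"UPX1", 512, 0x2000, 512, first + 512, 0, 0, 0, 0, 0xE0000040)
    return dos + coff + s1 + s2 + text + packed

if __name__ == "__main__":
    print(scan(build_sample()))
```

A truncated file raises `struct.error` from the header reads, so callers scanning untrusted samples should catch that alongside `ValueError`.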

Installing

You need to have Python 2.7 installed on your machine. The additional requirement is yara-python.

git clone https://github.com/Ice3man543/MalScan.git
cd MalScan
python malscan.py

Usage

Simply run it with the name of the file you want to check.

tool_in_action

Development

Want to contribute? Great!

You can add more features or recommend changes to the existing ones. Any kind of help is appreciated.

License

BSD 2-Clause "Simplified" License

Contact

Meet me on Twitter: @Ice3man543

Credits

  • The Awesome PEiD project
  • Malware Analyst's Cookbook
  • Any other malware resource that this tool contains code from :-)