Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Qiew - Hex/File format viewer

Portable Executable (PE) file viewer

Designed to be useful for reverse engineering malware.


  • highlights strings/calls/mz-pe very useful in malware analysis.
  • PE info, able to jump to sections, entry point, overlay, etc.
  • disassembler + referenced strings, API calls
  • "highlight all" for current text selection.

see wiki for key functions

This program is licensed under GPLv2.


Binaries available for Windows AMD64, built with cx_Freeze

Installation from sources

Install Terminus font, for Windows users download from here. For Debian/Ubuntu users: sudo apt-get install xfonts-terminus

If you have a C compiler run

pip install -r requirements.txt

Otherwise run

pip install yapsy pefile pyperclip pyaes ply pyelftools androguard PyQt5

and manually install Capstone.

If you develop in a virtualenv on Windows, you need to copy the python3.dll to your virtual env, as only python36.dll is copied automatically.

Available plugins

  • PE

  • bootsector

  • ELF

  • APK

  • NTFS

Binary view mode


Hex view mode


Disassembly view mode

disasmview disasmview

Powered by: Python3, Qt5, Terminus font, pefile, Capstone

see wiki