PEStudio Version 9.00 – New Release

pestudio is used by Computer Emergency Response Teams and Labs worldwide in order to perform Malware Initial Assessment. Malicious software often attempts to hide its intents in order to evade early detection and static analysis. In doing so, it often leaves suspicious patterns, unexpected metadata, anomalies and other valuable indicators.

PEStudio Version 9.00 - New Release
PEStudio Version 9.00 – New Release

The goal of pestudio is to spot these artifacts in order to ease and accelerate Malware Initial Assessment. The tool is built upon a powerful parser and a set of XML configuration files that are used to detect various types of indicators and classify items.

Since the file being analyzed is never started, you can inspect malicious executable files like trojan, ransomware and RAT with no risk of infection.

Latest release PEStudio Version 9.00 include the following improvements:

  • Detect when compiler time stamp is outside of certificate time stamp range
  • Add Mitre Tactics detection
  • Add Mitre View
  • Fix bugs

You can read more and download latest release over here: https://www.winitor.com/index.html

Share