PEview – Tool to Investigate PE Files
PEview provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files. This PE/COFF file viewer displays header, section, directory, import table, export table, and resource information within EXE, DLL, OBJ, LIB, DBG, and other file types.

This tool will be useful for investigating malwares and will allow user to reverse the malicious executable files and see if there are suspicious or malicious DNS record that is used by attacker.
You can read more and download this tool over here: http://wjradburn.com/software/
Subscribe
0 Comments