emdevv/Automation-Script-using-Static-Analysis-For-PE

Automation-Script-using-Static-Analysis-For-PE

Automation-Script-using-Static-Analysis-For-PE is a Python application that automatically performs static analysis on Portable Executable (PE) files.

Description

This application automates static-analysis methods for Portable Executables and applies risk-assessment logic to classify each PE as malicious or benign.

Features

  1. File metadata analysis
     • Size Of Headers
     • Section Alignment
     • Image Base
     • Address Of Entry Point
     • Time Date Stamp
  2. Exponential entropy calculation
     • on file level
     • on section level
  3. Yara checks
     • Packed/Obfuscated
     • Suspicious strings
     • Suspicious DLL imports
     • Suspicious IPs
     • Suspicious URLs
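
The following example is added here and is not code from this repository: it reads the five header fields listed under file metadata analysis and computes file-level and section-level entropy using only the standard library. It assumes standard Shannon entropy, because the README does not define its "exponential" variant; the function names `shannon_entropy`, `analyze_pe` and `build_sample` are hypothetical, and the sample image is constructed.

```python
import math
import struct
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 = constant data, 8.0 = uniform)."""
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values()) if n else 0.0

def analyze_pe(data: bytes) -> dict:
    """Header fields from the feature list plus file and per-section entropy."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    pe = struct.unpack_from("<I", data, 0x3C)[0]             # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    # COFF header: NumberOfSections, TimeDateStamp, SizeOfOptionalHeader
    n_sections, timestamp, opt_size = struct.unpack_from("<2xHI8xH", data, pe + 4)
    opt = pe + 24                                            # optional header start
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):                          # PE32 / PE32+
        raise ValueError(f"unknown optional header magic {magic:#x}")
    fmt, off = ("<Q", 24) if magic == 0x20B else ("<I", 28)  # ImageBase is 8 bytes in PE32+
    sections = {}
    for i in range(n_sections):                              # 40-byte section headers
        name, size, ptr = struct.unpack_from("<8s8xII", data, opt + opt_size + 40 * i)
        sections[name.rstrip(b"\0").decode("latin-1")] = shannon_entropy(data[ptr:ptr + size])
    return {
        "SizeOfHeaders": struct.unpack_from("<I", data, opt + 60)[0],
        "SectionAlignment": struct.unpack_from("<I", data, opt + 32)[0],
        "ImageBase": struct.unpack_from(fmt, data, opt + off)[0],
        "AddressOfEntryPoint": struct.unpack_from("<I", data, opt + 16)[0],
        "TimeDateStamp": timestamp,
        "file_entropy": shannon_entropy(data),
        "section_entropy": sections,
    }

def build_sample() -> bytes:
    """Constructed minimal PE32 image: one all-zero section, one uniform-byte section."""
    opt = struct.pack("<H14xI8xIII20xI160x", 0x10B, 0x1000, 0x400000, 0x1000, 0x200, 0x200)
    hdr = (b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
           + struct.pack("<HHIIIHH", 0x14C, 2, 0x5F000000, 0, 0, 0xE0, 0x102) + opt
           + struct.pack("<8sIIII16x", b".text", 0x100, 0x1000, 0x100, 0x200)
           + struct.pack("<8sIIII16x", b".packed", 0x100, 0x2000, 0x100, 0x300))
    return hdr.ljust(0x200, b"\0") + bytes(0x100) + bytes(range(256))

if __name__ == "__main__":
    print(analyze_pe(build_sample()))
```

Section entropy close to 8.0 bits per byte is typical of compressed or encrypted content, which is why it is usually read alongside the packed/obfuscated checks rather than on its own.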

Requirements

  1. At least Python 3.12.5

  2. MSVC v14.xx

Installation

  1. Clone the repository:

    git clone https://github.com/emichulo/Automation-Script-using-Static-Analysis-For-PE.git

  2. Install the required dependencies:

    pip install -r requirements.txt

Usage

  1. Set the path to the folder containing the PE files.
  2. Name the text file for the analysis output.
  3. Run the application:

    python src/main.py

About

A script that creates risk-score logic using automation and static-analysis methods.
