PortexAnalyzerGUI – Graphical Interface For PortEx, A Portable Executable And Malware Analysis Library
Graphical interface for PortEx, a Portable Executable and Malware Analysis Library
Download
Features
- Header information from: MSDOS Header, Rich Header, COFF File Header, Optional Header, Section Table
- PE Structures: Import Section, Resource Section, Export Section, Debug Section
- Scanning for file format anomalies
- Visualize file structure, local entropies and byteplot, and save it as PNG
- Calculate Shannon Entropy, Imphash, MD5, SHA256, Rich and RichPV hash
- Overlay and overlay signature scanning
- Version information and manifest
- Icon extraction and saving as PNG
- Customized signature scanning via Yara. Internal signature scans using PEiD signatures and an internal filetype scanner.
Supported OS and JRE
I test this program on Linux and Windows, but it should work on any OS with JRE version 9 or higher.
Future
I will be including more and more features that PortEx already provides.
These features include among others:
- customized visualization
- extraction and conversion of icons to .ICO files
- dumping of sections, overlay, resources
- export reports to txt, json, csv
Some of these features are already provided by the PortexAnalyzer CLI version, which you can find here: PortexAnalyzer CLI
Donations
I develop PortEx and PortexAnalyzer as a hobby in my free time. If you like it, please consider buying me a coffee: https://ko-fi.com/struppigel
Author
Karsten Hahn
Twitter: @Struppigel
Mastodon: [email protected]
Youtube: MalwareAnalysisForHedgehogs
License