pestudio is an application that performs Malware Initial Assessment of any executable file (*.exe, *.dll, *.sys, *.cpl, etc.).

A malicious executable often attempts to hide its malicious intent and to evade detection. In doing so, it generally presents suspicious patterns and other anomalies.

The goal of pestudio is to detect these patterns and anomalies and to provide indicators about the executable being analyzed, in order to ease malware initial assessment. Since the executable file being analyzed is never started, you can inspect any unknown or malicious executable with no risk.





Create a memory dump file of a process

Open the memory dump file with a hex editor