PEep
PEep is a command-line tool that performs static analysis on Windows portable executable (PE) files.
Overview
PEep is a command-line tool that performs static analysis on Windows portable executable (PE) files, intended to assist with basic static analysis of malicious programs. Malware authors can pack data by encrypting it and storing it in a section of a PE file. PEep aims to help security researchers analyze malware samples to determine whether a PE file contains packed data.
Results
PEep was written in Python as a command-line tool that can be given the path to any valid PE file. The tool analyzes each section of the file and outputs its relative address in memory, size, and information entropy. The entropy of a section, a value between 0 and 8, helps researchers determine whether that section is packed. A higher entropy value may indicate packed data in that specific section.
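The per-section entropy calculation described above can be sketched as follows. This is an added example, not PEep's own code: the function names, the 7.0 threshold and the two-section sample file built inline are assumptions made for illustration.

```python
import hashlib
import math
import struct
from collections import Counter

PACKED_THRESHOLD = 7.0  # assumed heuristic cut-off, not a value taken from PEep

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0  # a section with no raw data has nothing to score
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def section_entropies(pe: bytes):
    """Return (name, virtual_address, raw_size, entropy) for every PE section."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header follows the signature; the section table follows the optional header.
    _, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", pe, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size
    rows = []
    for i in range(nsect):
        name, _vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        raw = pe[rptr:rptr + rsize]  # slice clamps if the header overstates the size
        rows.append((name.rstrip(b"\0").decode("ascii", "replace"), vaddr, rsize,
                     shannon_entropy(raw)))
    return rows

def build_sample() -> bytes:
    """Constructed two-section PE skeleton for the demo; not a loadable program."""
    text = bytes([0x55, 0x8B, 0xEC, 0xC3]) * 128  # repetitive, code-like bytes
    # Deterministic pseudo-random bytes standing in for an encrypted payload.
    blob = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    headers = b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0"
    headers += struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    first = len(headers) + 80  # raw data starts after two 40-byte section headers
    headers += struct.pack("<8sIIII16x", b".text", len(text), 0x1000, len(text), first)
    headers += struct.pack("<8sIIII16x", b".packed", len(blob), 0x2000, len(blob),
                           first + len(text))
    return headers + text + blob

if __name__ == "__main__":
    for name, vaddr, size, h in section_entropies(build_sample()):
        flag = "possibly packed" if h >= PACKED_THRESHOLD else ""
        print(f"{name:<8} rva=0x{vaddr:08x} size={size:<6} entropy={h:.2f} {flag}")
```

On the constructed sample, the repetitive `.text` section scores low while the pseudo-random `.packed` section scores close to 8. Compressed resources and embedded media also score high, so a high value is a lead to investigate rather than proof of packing.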