Hi folks,
I recently wrote a little tool which helps reversers and malware-analysts to detect encrypted and/or packed data in files. A special focus lies on PE-files as they are visualized section-wise. The visualization is done by generating a histogram for the file (and it's sections in the case of PE). The tool and a decent description/documentation of it are available under http://cert.at/downloads/software/bytehist_en.html.
Comments are appreciated.
Cheers,
Didelphodon.
Visualizing encrypted or packed data ...
- Didelphodon
- PureBasic Expert
- Posts: 448
- Joined: Sat Dec 18, 2004 11:56 am
- Location: Vienna - Austria
- Contact:
Visualizing encrypted or packed data ...
Go, tell it on the mountains.