I bring you a major innovation in static malware analysis, along with highly optimized performance and stability. Both the Professional version and PEscan have been updated with the latest enhancements. This version will give my neurons 🧠 a break… and I know it will be your best ally for reversing and security incidents that, unfortunately, are ahead of us. The integrated Flow Anomalies module works seamlessly with the [Show Offsets] tool, allowing you to track the execution flow of different code fragments and locate their strings. Enjoy it! 🤗
Changelog v3.2
Compatibility with the achievement medal system and unlocking of functionalities from the previous version.
Fixed an issue that caused duplicate section counts in non-executable files.
Inclusion of form state controls during analysis.
Complete review of the heuristic and email modules, now enabled by default.
If the Options form was open during analysis, it will remain visible until completion.
Manual string search limited to 100 characters.
Redistribution and minor adjustments in the payload module detections.
Review of the decimal-to-hexadecimal and hexadecimal-to-decimal offset conversion routine.
Optimization of the Intelligent Strings module, improving performance on large files.
Slight improvement in SQL query extraction.
Update and optimization of the file description extraction module:
Language and CodePage fields are now included in all descriptions.
Inclusion of the Flow Anomalies module, responsible for static code flow checks:
Identification of indirect calls in executables.
Detection of suspicious jump sequences (JMP and conditional), indicating possible obfuscation or packing.
Detection of instructions related to shellcode and payloads.
Detection of NOP and breakpoint (BP) sequences.
Extraction of Overlay in hexadecimal and character format.
Verification of junk code in Entry Points.
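For the "Extraction of Overlay in hexadecimal and character format" entry above, this added example (not 4n4lDetector's own code) shows one common way to locate a PE overlay: take everything past the end of the last section's raw data, then render it as hex and printable characters. The names `find_overlay`, `dump` and `build_sample` and the sample file are assumptions constructed for illustration.

```python
import struct

def find_overlay(data: bytes):
    """Return (file_offset, overlay_bytes): data past the last section's raw data."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    try:
        (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
        (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
        table = e_lfanew + 24 + opt_size          # first IMAGE_SECTION_HEADER
        end = table + 40 * num_sections           # headers are never overlay
        for i in range(num_sections):
            # SizeOfRawData and PointerToRawData sit at +16 / +20 in each header
            raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
            if raw_size:                          # skip sections with no file data (.bss)
                end = max(end, raw_ptr + raw_size)
    except struct.error:
        raise ValueError("truncated PE headers") from None
    end = min(end, len(data))                     # section may claim more than the file holds
    return end, data[end:]

def dump(buf: bytes, base: int = 0, width: int = 16):
    """Render bytes as offset / hex / printable-character lines."""
    lines = []
    for i in range(0, len(buf), width):
        chunk = buf[i:i + width]
        hexpart = " ".join(f"{b:02X}" for b in chunk)
        chars = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{base + i:08X}  {hexpart:<{width * 3 - 1}}  {chars}")
    return lines

def build_sample(overlay: bytes) -> bytes:
    """Constructed input: minimal PE with one 0x10-byte section at 0x80, then `overlay`."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)            # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".text\0\0\0" + struct.pack("<IIII", 0x10, 0x1000, 0x10, 0x80) + b"\0" * 16
    return dos + coff + sect + b"\xC3" * 0x10 + overlay

if __name__ == "__main__":
    offset, overlay = find_overlay(build_sample(b"CONFIG=1\x00\xff"))
    print(f"overlay at 0x{offset:X}, {len(overlay)} bytes")
    print("\n".join(dump(overlay, offset)))
```

An Authenticode signature is also stored after the last section, so a signed file reports a non-empty overlay under this definition; treat overlay presence as a lead to inspect rather than a verdict.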
Download: 4n4lDetector v3.2