The PE (Portable Executable) file format is an universal file format in Windows operating systems. It has a strictly defined structures and contained values it must to have. Only these strictly defined rules can guarantee the portability of the PE files and that they will work on every version of Windows. But that’s a little bit more complicated so now we are going to explore the tools which can analyze and customize the PE files as RAW (saved on the hard disk) data or loaded in the memory.
Continue reading Tools for PE format and malware analysis