Adlice PEViewer is a tool used by many researchers at Antivirus companies or CERT worldwide in order to perform malware static analysis.
Malicious software sometimes try to hide their goals in order to evade detection and static analysis. By doing so, they leave indicators, metadatas and suspicious modifications behind.
Adlice PEViewer searches, finds and lists these artifacts to help researchers making up their mind on a suspicious file. The tool uses robust PE parser as well as analysis engine and heuristics detections to build these indicators. PEViewer also relies on 3rd party scanners like VirusTotal for which it displays the results. All of this together allows the tool to build severity scores.Details