Categories /

Files - Miscellaneous (40)

MiTeC EXE Explorer v2.8.0 Updated

billon on 18 Sep 2020
  • 3MB (uncompressed)
  • Released on 18 Sep 2020
  • Suggested by juvera

MiTeC EXE Explorer reads and displays executable file properties and structure. It is compatible with PE32 (Portable Executable), PE32+ (64bit), NE (Windows 3.x New Executable) and VxD (Windows 9x Virtual Device Driver) file types, as well as .NET executables.

The program identify compiler and packer/protector, enumerates introduced classes, used units and forms for files compiled by Borland compilers. It contains powerfull Resource Viewer that is able to abalyze and display all basic resouce types and some extra ones as JPEG, PNG, GIF, AVI, REGISTRY and Type Library viewer that enumerates all objects and creates import interface unit in Object Pascal language. Every type of resource can be saved to file.

Program data can be output to a text report.

Category:
Runs on: WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: If "File | Persistent Layout" option is enabled, an INI file will be written to '%APPDATA%\MITEC\EXE Explorer'. Also writes to the Registry when "File | Shell Integration" is enabled (saved to 'HKLM\SOFTWARE\Classes\*\shell\EXE Explorer').
Stealth: ? Yes. But only without persistent layout or shell integration; otherwise see "Writes settings to" above.
Unicode support: Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch EXE.exe or EXE64.exe (for 64-bit OS).
Similar/alternative apps: PPEE, PE Anatomist, pestudio
What's new?
  • Executable description.
  • Overlay data type detection.
  • Advanced Installer detection.
  • StarForce protection detection.
  • WinZip installer detection.
  • Rich header table detection enhanced.
  • Debug information type detection enhanced.
  • Load Config detection enhanced.
  • Nested certificates enumeration added
Latest comments
CornHolio the Gringo on 2018-02-06 16:27

All MiTeC software that I use, writes to registry.
MiTeC HexEdit 6.1.0
MiTeC Icon Explorer 4.2.0
MiTeC Mail Viewer 2.3.0
MiTeC Network Scanner 4.0

Therefore Ive used JauntePE060Nightly to make it true stealth.

Add comment

PE Anatomist v0.1.17 Updated

billon on 10 Sep 2020
  • 378KB (uncompressed)
  • Released on 10 Sep 2020
  • Suggested by billon

PE Anatomist shows almost all known data structures inside a PE file and makes some analytics.

Category:
Runs on: WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: MIT License
How to extract: Download the ZIP package and extract to a folder of your choice. Launch PEAnatomist.exe.
Similar/alternative apps: PPEE, MiTeC EXE Explorer, pestudio
What's new? See:
https://rammerlabs.alidml.ru/changelog-eng.html
Latest comments
__philippe on 2019-12-28 12:07

PE Anatomist changelog history:

https://rammerlabs.alidml.ru/changelog-eng.html

Add comment

PropertySystemView v1.13 Updated

billon on 30 Aug 2020
  • 138KB (uncompressed)
  • Released on 30 Aug 2020
  • Suggested by Special

PropertySystemView allows you view and modify the properties of file from GUI and command-line, using the property system of Windows operating system. For example, you can change the 'Media Created' timestamp stored in .mp4 files (System.Media.DateEncoded) as well as other metadata stored in media files and office documents, like Title, Comments, Authors, Tags, Date Acquired, Last Saved Date, Content Created Date, Date Imported, Date Taken (EXIF of .jpg files), and more.

PropertySystemView also allows you to set properties of Windows. For example, you can set the System.AppUserModel.ID property of a window in order to disable the taskbar grouping of the specified window.

Category:
Runs on: Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Unicode support: Yes
License: Freeware
How to extract: Download the ZIP package and extract to a folder of your choice. Launch PropertySystemView.exe.
What's new?
  • Added /OpenGoogleMaps command-line option, which opens the location of .jpg image in Google Maps Web site, for example:
    PropertySystemView.exe /Filename "C:\temp\20200725_101225.jpg" /OpenGoogleMaps

pestudio standard v9.06 Updated

billon on 30 Aug 2020
  • 3MB (uncompressed)
  • Released on 29 Aug 2020
  • Suggested by joby_toss

pestudio shows details about applications and other system files (.exe, .dll, .cpl, .ocx, .ax, .sys etc.) without starting them including:

  • Libraries that are used by an application
  • Functions that are imported by an application
  • Functions (also anonymous) that are exported by an application
  • All functions that are forwarded to other libraries
  • Obsolete Functions that are exported and imported by an application
  • If Data Execution Prevention (DEP) Windows security mechanism is used
  • If Address Space Layout Randomization (ASLR) Windows security mechanism is used
  • If Windows security mechanism Structured Exception Handling (SEH) is used
  • Whether some sections are compressed

pestudio standard lacks some features of pro version.

Category:
Runs on: Win2K / WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: Free for personal use/Liteware
How to extract: Download the ZIP package and extract to a folder of your choice. Delete AddToShell.reg and RemoveFromShell.reg. Launch pestudio.exe.
Similar/alternative apps: PPEE, PE Anatomist
What's new?
  • Extend User-Interface to handle XML-based settings.
  • Add setting filters for online-score, indicators, mitre etc.
  • Show duplicated exports for 64bit executable.
  • Fixed bugs:
    • When computing minimum string length;
    • When computing file-offset of resources.
Latest comments
Midas on 2017-11-26 19:37

Like noted elsewhere, unless significant for the comment exchange, program changelogs are best posted to the forum topic (or entered at the appropriate field), my dear _phillipe. B-)

__philippe on 2017-11-26 21:39

All righty,... next time round,

the undersigned hereby pledge to abide by the recommendations, protocols,
procedures and regulations set forth by my Right Honourable Friend Midas,
the Member for TPFC's constituency,... cross my heart and hope to die... ;-)

__philippe

Special on 2019-09-14 18:16

Looks like with 8.98 they've removed even more features from the previous 9.87 free version (detect well-known whitelisted libraries/blacklisted resources), funny they don't mention that in the changelog.

See all

Detect It Easy v3.00 Updated

billon on 1 Aug 2020
  • 14MB (uncompressed)
  • Released on 1 Aug 2020
  • Suggested by zzz

Detect It Easy (DIE) is a packer identifier in order to help define a file type. Comes in handy to analyze a file, determine its type and packer.

Category:
Runs on: WinXP / Vista / Win7 / Win8 / Win10
Writes settings to: Application folder
Stealth: ? Yes
Unicode support: Yes
License: MIT License
How to extract: Download the "portable" ZIP package and extract to a folder of your choice. Launch die.exe.
What's new? See:
https://n10info.blogspot.com/search/label/Detect It Easy
Latest comments
juverax on 2018-08-04 09:27

Detect It Easyv2.00
I checked two files in virustotal:
1) die.exe virustotal = 4/67 https://www.virustotal.com/#/file/3933bcc5ab10f3fc065c982d6b035af28aa10a33d2861e2c12896f960dae0ac8/detection
2) diel.exe virustotal = 3/66
https://www.virustotal.com/#/file/2f5b85c917cdc837fa93b3bd33adb5560084f4479d521256a52bc67d7b23540d/detection

Since the author also releases the source code, it must be false positives.

Add comment