RogueKillerPE 1.0.0.0 Alpha 6 (x86/x64) + Portable
This post was published 10 years ago. Download links are most likely obsolete. If that's the case, try asking the uploader to re-upload.
RogueKillerPE 1.0.0.0 Alpha 6 (x86/x64) + Portable | 27.2/18.8/22.6 Mb
RogueKillerPE is an analysis tool for portable executable files, displaying the internal structure of the adjacent process or the file itself, as stored on the hard disk. In other words, it provides users with a powerful parsing tool for executable files, in an attempt to help them detect potentially dangerous activity on the system.
Inspect running processes to detect suspicious files
Used together with RogueKiller, RogueKillerPE can become a redoubtable weapon in the fight against malicious processes and files that can end up harming the host system. Unlike RogueKiller, the PE edition is not designed to automatically target and terminate suspicious processes, but it succeeds in providing a complete overview on any running application.
RogueKillerPE can automatically load the list of running processes, but it can also be used to inspect the structure of a file located anywhere on the hard drive. Be it a process or an EXE file, the input is parsed in seconds.
Analyze the structure of any process or portable executable in detail
As for the actual information that RogueKillerPE retrieves, the list comprises general details regarding the process (PID, creation time, architecture), hash codes, the file location and its digital signature, file properties and the compiler that was used to create it, alongside the latest known VirusTotal scanning results and statistics.
Additionally, it shows addresses in the memory of the selected process and analyzes its hex code, PE headers, sections, imports, and exports, while also offering an insight of the disassembly data. Furthermore, it extracts the PE resources, parsing images, icons, bitmaps, dialogs, strings, versions, and manifest data, and displays it all in a user-friendly manner.
Analyze any portable executable and detect malicious content
RogueKillerPE offers a simple means of finding out what is running on the local computer and detecting malicious processes. It is capable of analyzing processes in detail, showing you the internal structure of a PE file and allowing the user to decide whether it is safe or it should be terminated immediately.
FEATURES
• Open PE from file, and read disk image
• Open PE from process, and read memory or disk image
• Display basic information regarding Process (if any), Module (if any), File
• Display Pages from process’s memory
• Display Hex code
• Display PE Headers
• Display PE Sections
• Display PE Imports
• Display PE Exports
• Display PE Resources (parses and shows images, strings, XML in a user-friendly way)
New in version 1.0.0.0 Alpha 6 (November 16, 2015)
• Improved UI responsiveness
• Added more resource types
OS: Windows XP, Server 2003, Vista, Server 2008, 7, 8 (32-bit and 64-bit)