What it is?
PE-Bear is a new project aimed at reversing executable or PE files.
Objective: to deliver a fast and flexible “first view” tool for malware analysts. Stable and capable to handle malformed PE files.
Download
The latest version is 0.2.5 (beta), released: 26.09.2013:
*requires Microsoft Visual C++ 2010 Redistributable Package, available here:
Redist 32bit
Redist 64bit
Features and details
- handles PE32 and PE64
- views multiple files in parallel
- recognizes known packers (by signatures)
- fast disassembler – starting from any chosen RVA/File offset
- visualization of sections layout
- selective comparing of two chosen PE files
- integration with windows explorer menu
- and more…
Official Site: http://hshrzd.wordpress.com/pe-bear/
