pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process. The tool also has an analyze function which can detect common malicious indicators used by malware.
+ Operating systems: Windows, Linux and Mac OS are supported
+ Python 2.7.x with the pefile and filemagic libraries
Note: On Mac, Apple ships its own version of the file command rather than libmagic; libmagic can be installed with Homebrew.
git clone https://github.com/idiom/pftriage && cd pftriage
pip install -r requirement.txt
python pftriage.py -a example.exe
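To show the kind of properties and indicators a triage pass like the one above pulls from a PE file, here is an added example that is not part of pftriage: a small pure-Python parser of the COFF header and section table, run over a constructed two-section sample (names, flag values and entropy threshold are the example's own assumptions).

```python
import math
import struct

# Section characteristic flags from the PE/COFF specification.
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
# Section names normally emitted by mainstream compilers (assumption for the check).
COMMON_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata", ".edata", ".pdata", ".bss", ".tls"}

def entropy(buf):
    """Shannon entropy of a byte string in bits per byte (0.0 .. 8.0)."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def parse_pe(data):
    """Parse the MZ/PE signatures, COFF header and section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    sec_off = pe_off + 24 + opt_size                          # 4-byte sig + 20-byte COFF header
    sections = []
    for i in range(nsec):
        name, _, _, rsize, rptr, _, _, _, _, sc = struct.unpack_from("<8sIIIIIIHHI", data, sec_off + 40 * i)
        raw = data[rptr:rptr + rsize]
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "raw_size": rsize,
                         "entropy": entropy(raw), "characteristics": sc})
    return {"machine": machine, "timestamp": stamp, "sections": sections}

def indicators(info):
    """Return the indicators an analyst commonly flags: odd names, packing, RWX sections."""
    hits = []
    for s in info["sections"]:
        if s["name"] not in COMMON_SECTIONS:
            hits.append("non-standard section name %r" % s["name"])
        if s["entropy"] > 7.0:                                 # threshold is an assumption
            hits.append("high entropy (%.2f) in %s: possible packing" % (s["entropy"], s["name"]))
        if s["characteristics"] & IMAGE_SCN_MEM_WRITE and s["characteristics"] & IMAGE_SCN_MEM_EXECUTE:
            hits.append("writable and executable section %s" % s["name"])
    return hits

def build_sample():
    """Constructed minimal PE32: a plain .text section plus a packed-looking RWX section."""
    opt = b"\0" * 224                                          # PE32 optional header size
    pe_off, raw0 = 64, 64 + 24 + 224 + 2 * 40                  # sections' raw data follows the table
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0x5F000000, 0, 0, len(opt), 0x0102)
    sec = struct.pack("<8sIIIIIIHHI", b".text", 256, 0x1000, 256, raw0, 0, 0, 0, 0, 0x60000020)
    sec += struct.pack("<8sIIIIIIHHI", b"UPX1", 256, 0x2000, 256, raw0 + 256, 0, 0, 0, 0, 0xE0000020)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", pe_off)
    return dos + b"PE\0\0" + coff + opt + sec + b"\x90" * 256 + bytes(range(256))
```

Running `indicators(parse_pe(build_sample()))` flags only the UPX1 section, three times over (name, entropy, RWX), while .text stays clean.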