BlackBerry has recently announced the open-source availability of its internal tool, PE Tree. Security professionals can use it for reverse-engineering malware. The tool lets reverse engineers analyze Portable Executable (PE) files in a tree view, built with the help of pefile and PyQt5.
As a result, it becomes easier to dump and reconstruct malware from memory, and the project offers an open-source PE viewer code base. The tool also integrates with Hex-Rays’ IDA Pro decompiler to enable easy navigation of PE structures. Dumping in-memory PE files and performing import reconstruction can now be done easily.
Source: TechRepublic