Winitor PEStudio Code Issue Vulnerability

Winitor PEStudio is an application from Winitor Inc. for discovering executables to simplify and speed up initial malware evaluation. A code issue vulnerability exists in Winitor PEStudio version v.9.52, which stems from the presence of a DLL hijacking vulnerability that can be exploited by an...

YARA webinar follow up

If you read my previous blogpost Hunting APTs with YARA then you probably know about the webinar we conducted on March 31, 2020, showcasing some of our experience in developing and using YARA rules for malware hunting. In case you missed the webinar - or if you attended and want to re-watch it -...

PEpper - An Open Source Script To Perform Malware Static Analysis On Portable Executable

An open source tool to perform malware static analysis on P ortable E xecutable Installation eva@paradise:$ git clone https://github.com/Th3Hurrican3/PEpper/ eva@paradise:$ cd PEpper eva@paradise:$ pip3 install -r requirements.txt eva@paradise:$ python3 pepper.py ./malwaredir Screenshot...

Memory corruption vulnerability in pestudio's handling of PE format (CNVD-2019-17509)

pestudio is a free tool for validating applications. A memory corruption vulnerability exists in pestudio's handling of the PE format. An attacker can cause the program to crash by constructing a malformed PE format...

Memory corruption vulnerability in pestudio's handling of PE formats

pestudio is a free tool for validating applications. A memory corruption vulnerability exists in pestudio's handling of the PE format. An attacker can cause the program to crash by constructing a malformed PE file...

PEStudio 3.69 - Denial of Service

No description provided by source. Title: PEStudio Version 3.69 Denial of Service Date: 5th June 2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Software Homepage: http://www.winitor.com/ Version: PEStudio Version 3.69 Tested on: Windows XP SP2 / Window...

[PeStudio v7.98] The Static Investigation tool for Windows executable binary

PeStudio is a free tool performing the static investigation of any Windows executable binary. A file being analyzed with PeStudio is never launched. Therefore you can evaluate unknown executable and even malware with no risk. PeStudio runs on any Windows Platform and is fully portable , no...

PEStudio 3.69 - Denial of Service

Title: PEStudio Version 3.69 Denial of Service Date: 5th June 2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Software Homepage: http://www.winitor.com/ Version: PEStudio Version 3.69 Tested on: Windows XP SP2 / Windows 7 Vendor Patch : Recently release...

PEStudio 3.69 Denial Of Service

Title: PEStudio Version 3.69 Denial of Service Date: 5th June 2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Software Homepage: http://www.winitor.com/ Version: PEStudio Version 3.69 Tested on: Windows XP SP2 / Windows 7 Vendor Patch : Recently release...

PEStudio 3.69 - Denial of Service

Exploit for windows platform in category remote exploits Title: PEStudio Version 3.69 Denial of Service Date: 5th June 2013 Author: Debasish Mandal https://twitter.com/debasishm89 Blog : http://www.debasish.in/ Software Homepage: http://www.winitor.com/ Version: PEStudio Version 3.69 Tested on:...

CVE-2023-36546

CVE-2023-36546 appears with a Rejected reason in the initial document, indicating the ID was withdrawn and is not a security issue. Connected sources describe a concrete vulnerability in Winitor PEStudio (v9.52) involving a DLL hijacking flaw that can allow an attacker to execute arbitrary code b...