Statically check any local file against a plethora of suspicious indicators to better detect malicious files.
The program aims to warn you about every suspicious indicator it manages to detect. Upon completion, it presents all suspicious indicators found, each with an accompanying explanation.
- [/] Masquerading - Masquerading
- RTLO Filename Masquerading - Masquerading: Right-to-Left Override
- [] Alternative Executable Extensions - User Execution: Malicious File
- MOTW Bypass (ISO) - Subvert Trust Controls: Mark-of-the-Web Bypass
- MOTW Bypass (Misc Archives) - Subvert Trust Controls: Mark-of-the-Web Bypass
- [] OpenXML Archive - Masquerading, Subvert Trust Controls
- Multiple File Extensions - Masquerading: Double File Extension
- .lnk Extension - User Execution: Malicious File
- [] .lnk Launch Options - Boot or Logon Autostart Execution: Shortcut Modification
- Contains Homoglyphs? - D3-HD (Homoglyph Detection)
- [] File Magic
- [] Entropy
- [] VirusTotal Hash
- [] Is Signed?
- [] Filebloat
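
To illustrate the filename-based checks in the list above (RTLO, multiple file extensions, `.lnk`, homoglyphs), here is an added example; it is not this project's code. The extension lists, the function names and the mixed-script heuristic used for homoglyphs are assumptions made for the illustration.

```python
import unicodedata

# Constructed lists for this example; the tool's own lists are not shown on the page.
BIDI_CONTROLS = set("\u202a\u202b\u202d\u202e\u2066\u2067\u2068")
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "hta", "lnk"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}


def scripts_used(text):
    """Approximate each letter's Unicode script from the first word of its name."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0] for ch in text if ch.isalpha()}


def check_filename(name):
    """Return (indicator, explanation) pairs for one bare file name."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in name):
        findings.append(("RTLO Filename Masquerading",
                         "bidi control character; shown extension may not be the real one"))
    # Judge extensions on the stored character order, with the controls removed.
    stored = "".join(ch for ch in name if ch not in BIDI_CONTROLS).lower()
    stem, *exts = stored.split(".")
    if len(exts) >= 2 and exts[-1] in EXECUTABLE_EXTS and DECOY_EXTS & set(exts[:-1]):
        findings.append(("Multiple File Extensions",
                         "document-like extension followed by an executable one"))
    if exts and exts[-1] == "lnk":
        findings.append((".lnk Extension",
                         "shortcut file; its target and arguments need inspection"))
    # Coarse heuristic (assumption): letters from more than one script in the stem.
    if len(scripts_used(stem)) > 1:
        findings.append(("Contains Homoglyphs?",
                         "mixed scripts in name; look-alike characters possible"))
    return findings


def indicators(name):
    """Indicator names only, in the order they were detected."""
    return [indicator for indicator, _ in check_filename(name)]


if __name__ == "__main__":
    # Constructed sample names, printed with ascii() so hidden characters are visible.
    for sample in ["invoice\u202efdp.exe", "report.pdf.exe", "p\u0430ypal.txt",
                   "photo.jpg.lnk", "archive.tar.gz"]:
        print(ascii(sample), indicators(sample))
```
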