Suspicious file detector tool, coded in C# (VS2017).
The analysis is based on:
-The IAT (Import Address Table), checking for suspicious Win API functions.
-Packed PE file.
-Entire file entropy.
-Sections entropy.
-Malicious commands and strings.
Dependencies:
-.NET Framework 4
-Yara 3.9.0