
3.2. Payload reconstruction: PE header

@hasherezade edited this page Jan 20, 2019 · 1 revision

Some malware authors try to prevent automated payload dumping by intentionally erasing or corrupting the PE header of the in-memory payload.

However, if some minimal artefacts are left, PE-sieve is still able to detect them and to reconstruct the PE header from what remains.
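To illustrate the idea of rebuilding a header from leftover artefacts, here is an added C++ example that is not PE-sieve's own code and does not reproduce its heuristics. It assumes a simplified scenario: the 64-byte DOS header (the `MZ` stub and `e_lfanew`) has been zeroed, but the NT headers (`PE\0\0` signature, FileHeader and the start of the OptionalHeader) survive somewhere in the first page. The example scans for a plausible NT header using sanity checks on Machine, NumberOfSections, SizeOfOptionalHeader and the OptionalHeader magic, then restores a minimal DOS header pointing at it. The sample image is constructed inline; the helper names (`find_nt_headers`, `rebuild_dos_header`, `make_sample`) are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Constants from the PE format (subset of winnt.h), defined here so the
// example builds without Windows headers.
static const uint32_t PE_SIGNATURE       = 0x00004550; // "PE\0\0"
static const uint16_t MACHINE_I386       = 0x014c;
static const uint16_t MACHINE_AMD64      = 0x8664;
static const uint16_t OPT_MAGIC_PE32     = 0x10b;
static const uint16_t OPT_MAGIC_PE32PLUS = 0x20b;

// Little-endian readers/writers: PE fields are little-endian regardless of host.
static uint16_t rd16(const uint8_t* p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t* p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr16(uint8_t* p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t* p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

// Heuristic check: does a plausible IMAGE_NT_HEADERS start at `off`?
// Layout: Signature(4) | FileHeader(20) | OptionalHeader(Magic at +0).
// FileHeader offsets: Machine +0, NumberOfSections +2, SizeOfOptionalHeader +16.
static bool looks_like_nt_headers(const std::vector<uint8_t>& buf, size_t off) {
    if (off + 4 + 20 + 2 > buf.size()) return false;          // need room for magic
    if (rd32(&buf[off]) != PE_SIGNATURE) return false;
    const uint8_t* fh = &buf[off + 4];
    uint16_t machine = rd16(fh);
    uint16_t nsec    = rd16(fh + 2);
    uint16_t optsz   = rd16(fh + 16);
    uint16_t magic   = rd16(fh + 20);
    if (machine != MACHINE_I386 && machine != MACHINE_AMD64) return false;
    if (nsec == 0 || nsec > 96) return false;                 // loader limit is 96 sections
    if (optsz < 0x60 || optsz > 0x200) return false;          // typical: 0xE0 (PE32) / 0xF0 (PE32+)
    if (machine == MACHINE_I386  && magic != OPT_MAGIC_PE32)     return false;
    if (machine == MACHINE_AMD64 && magic != OPT_MAGIC_PE32PLUS) return false;
    return true;
}

// Scan the first page (where e_lfanew normally points) for surviving NT headers.
// Returns the offset, or -1 if no candidate passes the checks.
long find_nt_headers(const std::vector<uint8_t>& buf) {
    size_t limit = buf.size() < 0x1000 ? buf.size() : 0x1000;
    for (size_t off = 0; off + 4 <= limit; off += 4) {        // NT headers are 4-byte aligned
        if (looks_like_nt_headers(buf, off)) return (long)off;
    }
    return -1;
}

// Rebuild a minimal DOS header: "MZ" at offset 0 and e_lfanew at offset 0x3c.
// Returns false if no NT header artefacts were found or there is no room for the stub.
bool rebuild_dos_header(std::vector<uint8_t>& buf) {
    long nt = find_nt_headers(buf);
    if (nt < 0x40) return false;                              // DOS header needs 64 bytes
    buf[0] = 'M';
    buf[1] = 'Z';
    wr32(&buf[0x3c], (uint32_t)nt);
    return true;
}

// Constructed sample (not a real binary): a 0x200-byte image whose DOS header
// was zeroed, with a surviving 64-bit NT header at offset 0x80.
std::vector<uint8_t> make_sample() {
    std::vector<uint8_t> buf(0x200, 0);
    const size_t nt = 0x80;
    wr32(&buf[nt],      PE_SIGNATURE);
    wr16(&buf[nt + 4],  MACHINE_AMD64);      // FileHeader.Machine
    wr16(&buf[nt + 6],  3);                  // FileHeader.NumberOfSections
    wr16(&buf[nt + 20], 0xF0);               // FileHeader.SizeOfOptionalHeader
    wr16(&buf[nt + 24], OPT_MAGIC_PE32PLUS); // OptionalHeader.Magic
    return buf;
}

int main() {
    std::vector<uint8_t> img = make_sample();
    printf("before: MZ present? %s\n", (img[0] == 'M' && img[1] == 'Z') ? "yes" : "no");
    if (rebuild_dos_header(img)) {
        printf("after: MZ restored, e_lfanew = 0x%x\n", rd32(&img[0x3c]));
    } else {
        printf("no NT header artefacts found\n");
    }
    return 0;
}
```

The important design point is that the scan does not trust the signature alone: a stray `PE\0\0` can occur in data, so the candidate is only accepted when the surrounding FileHeader fields are internally consistent. Real tooling has to go further (for example recovering the section table when the NT headers themselves are partially destroyed), which this example does not attempt.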

Demonstrated in the video.