pescanner

Spin up a container (docker run) from the remnux/pescanner image, bind-mounting the host /tmp (or whichever host directory holds your suspicious file) onto the container's /tmp (-v /tmp:/tmp), drop straight into an interactive shell (-it ... bash), and have Docker delete the container when that shell exits (--rm; this removes the container, not Docker or the image). Note the order of a bind mount: it is always host-path:container-path. Because --rm discards the container's own filesystem, keep the sample and any output you want to retain inside the mounted directory.

docker run --rm -it -v /tmp:/tmp remnux/pescanner bash

Inside the container, change into the mounted directory (/tmp here) and run pescanner against the suspicious file (in this case teflonhandle.exe from the “EQUATIONGROUP” sample):

pescanner teflonhandle.exe

Extra: VirusTotal result for the sample (MD5 d80b479b50126d5bc1b817a5e827f416): https://www.virustotal.com/en/file/a77b96324c8a7ad764261deb24cb6f9bead2ba6a8cb284064f0af29a9eb53d06/analysis/
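To make concrete what a run of pescanner actually pulls out of a file (file hashes you can paste into VirusTotal, the compile timestamp, the section table with per-section entropy, and a few red flags), here is an added, self-contained example written for this page; it is not pescanner's code nor part of the REMnux image. It uses only the Python standard library, parses the DOS, COFF and section headers directly, and runs over a constructed, non-runnable PE32 image built in build_sample_pe() rather than over the real teflonhandle.exe. The thresholds and heuristics (entropy above 7.0, writable-and-executable sections, zero or future timestamps) are this example's own choices; pescanner's exact rules may differ.

```python
"""Minimal PE triage in the spirit of pescanner, standard library only.

Hypothetical helper written for this page: parses the DOS/COFF/section headers,
hashes the file, computes per-section entropy and flags common red flags.
"""
import hashlib
import math
import struct
from datetime import datetime, timezone

PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
HIGH_ENTROPY = 7.0                 # above this a section looks packed or encrypted
SCN_MEM_EXECUTE, SCN_MEM_WRITE = 0x20000000, 0x80000000


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_pe(data: bytes) -> dict:
    """Return hashes, compile time, machine, sections and a list of findings for a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)          # offset of the PE signature
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    coff = e_lfanew + 4
    machine, nsec, stamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    (magic,) = struct.unpack_from("<H", data, coff + 20)        # first field of the optional header
    findings = []
    if stamp == 0:
        findings.append("TimeDateStamp is zero (stripped or forged)")
    elif stamp > datetime.now(timezone.utc).timestamp():
        findings.append("TimeDateStamp is in the future (forged)")
    sections = []
    for i in range(nsec):
        off = coff + 20 + opt_size + 40 * i                     # section headers follow the optional header
        raw_name, vsize, _, rsize, rptr, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, off)
        name = raw_name.rstrip(b"\0").decode("ascii", "replace")
        ent = shannon_entropy(data[rptr:rptr + rsize])
        sections.append({"name": name, "virtual_size": vsize, "raw_size": rsize,
                         "entropy": round(ent, 2), "flags": flags})
        if ent > HIGH_ENTROPY:
            findings.append(f"section {name}: entropy {ent:.2f} > {HIGH_ENTROPY} (packed/encrypted?)")
        if flags & SCN_MEM_WRITE and flags & SCN_MEM_EXECUTE:
            findings.append(f"section {name}: writable and executable (unpacking stub?)")
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "machine": hex(machine),
        "pe_type": {PE32_MAGIC: "PE32", PE32PLUS_MAGIC: "PE32+"}.get(magic, f"unknown magic {magic:#x}"),
        "compile_time": datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC"),
        "sections": sections,
        "findings": findings,
    }


def build_sample_pe() -> bytes:
    """Constructed, non-runnable PE32 image used as sample input (not a real malware sample)."""
    text = b"\x90\xc3" * 512            # nop/ret filler: entropy exactly 1.0
    packed = bytes(range(256)) * 16     # every byte value equally often: entropy exactly 8.0
    opt_size = 96                       # only the Magic field matters here; the rest is padding
    hdr_end = 0x40 + 4 + 20 + opt_size + 40 * 2
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 1500000000, 0, 0, opt_size, 0x0102)   # i386, 2 sections
    opt = struct.pack("<H", PE32_MAGIC).ljust(opt_size, b"\0")

    def section(name, raw, ptr, flags):
        return struct.pack("<8sIIIIIIHHI", name, len(raw), 0x1000, len(raw), ptr, 0, 0, 0, 0, flags)

    headers = dos + b"PE\0\0" + coff + opt
    headers += section(b".text", text, hdr_end, 0x60000020)                  # code | execute | read
    headers += section(b".packed", packed, hdr_end + len(text), 0xE0000040)  # data | execute | read | write
    return headers + text + packed


if __name__ == "__main__":
    report = parse_pe(build_sample_pe())
    for key in ("md5", "sha256", "pe_type", "machine", "compile_time"):
        print(f"{key:13}{report[key]}")
    for s in report["sections"]:
        print(f"  {s['name']:<9}vsize={s['virtual_size']:<6}raw={s['raw_size']:<6}entropy={s['entropy']:.2f}")
    for finding in report["findings"]:
        print("  [!]", finding)
```

To run it against a real file, replace build_sample_pe() with open(path, "rb").read(); the md5 line is the value to look up on VirusTotal, and a section whose entropy sits near 8.0 while being writable and executable is the classic shape of a packed payload plus its unpacking stub, which is why pescanner-style tools print entropy per section rather than for the whole file.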
