Identification of Desirable Traits in Malicious Portable Executable Files
Abstract
Malware is software that has been purposefully created to interfere with a system's operation. Contemporary malware is built with mutation, encryption, and other features that make it more active and resistant, which lets it go undetected by modern anti-virus software and results in daily growth in the variety of malware samples. The Windows operating system uses the Portable Executable (PE) file, a format or data structure for executable files. Computers running Windows rely on a certain set of information in the PE file format to execute files. Malware uses these PE files to store and disseminate dangerous information. On Windows systems, the majority of files, whether benign or malicious, store and execute their .exe and other related documents in the PE file format. To identify malicious content in existing PE files, this research paper identifies the desirable characteristics of malicious PE files, extracted using forensic tools. These are also implemented for malware identification and detection.
This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.