SECUREai CORE PE Advanced malware detection for PE files


SECUREai Core PE provides software developers with an effective way to safely inspect and dissect potentially harmful EXE, DLL, and other executable file formats that run on MS Windows platforms.

The tool uses a powerful parser and a flexible set of configuration files that are used to detect various types of malware indicators. It extracts and analyzes the header information for each file, such as Checksum, Section Name, and Initialized Data Size, to provide a fast, accurate, and lightweight solution to the PE malware problem. Moreover, the product analyzes PE files without actually running the program and potentially compromising a user's machine. And best yet, the engine uses artificial intelligence, so it's constantly improving.



Proprietary classifier identifies and blocks PE files with specific malware characteristics. The system is constantly improving and will continue to stop known and unknown threats.



Industry leading detection rates with less than 1% false positives. Contains deep reference set of thousands of malicious and benign samples, with new samples collected every day.



Looks only at the PE header information to dramatically speed up performance. It can process dozens of files per second, and will not weigh down the network.



The system learns and adapts to block new threats before files and data are encrypted. It stops executables from launching if the static analysis finds any malicious code.

What are PE files?

PE stands for Portable Executable. The PE format is a file format for executables, object code, DLLs, and FON Font files used in 32-bit and 64-bit versions of Windows operating systems.

Malware from PE Files47.80% of files submitted to VirusTotal are PE files

Malware From PE FILE

1 SECUREai Core PE’s lightweight SDK is installed into the network appliance or endpoint as part of other static and behavioral security measures.

2 As files come in, their characteristics are extracted and analyzed before the files run on the endpoint or device.

3 A malware probability score is created based on this analysis.

4 Malicious files are blocked before they can execute (see example).

5 Clean files are sent to the user.

Scanned File Sample

The file below has a 98.8% chance of being malicious.
It was processed in 0.04 seconds.

Analyzing file: /home/nfs/lx u/demo/pe/7e573983ea323bcac729a027bf2c85c115478700388db7ed0eed75f489868eb
Malicious score : 0.988662
Result : Malware


Total Execution time: 0.040182 seconds
Average scan time per file: 0.040182 seconds
Total number of files: 1
Number of successful scan: 1
Number of failed files: 0
Number of malware: 1
Number of .NET malware: 0
Number of goodware: 0
Number of .NET goodware: 0
Maximum file size in MB: 0.087402
Minimum file size in MB: 0.087402
Average file size in MB: 0.087402

Technical Specifications

Size: 4MB

Implementation: C-Library as software SDK ELF executable binary

Platform requirements: CPU Intel1GHz or faster 32-bit (x86) or 64-bit (x64), RAM 512M

Supported OS: Linux

Performance: 94.0% detection rate 2GB throughput per minute

Functionality: 70,000 features analyzed Static analysis Machine learning

Download the Secureai Whitepaper or contact Trustlook to learn more today.

download download OR contact Us contact Us