Open ikiril01 opened 10 years ago
We should consider adding support for characterizing file overlays (data appended to the end of a PE file) as part of the Windows Executable File Object.
Context: this is useful primarily for malware-related use cases, for more accurately characterizing the properties of a PE binary (i.e. in MAEC).
LOE: Low
We should consider adding support for characterizing file overlays (data appended to the end of a PE file) as part of the Windows Executable File Object.