# peframe
> Static analysis of PE files — extract properties, detect anomalies, identify packers

**Category:** [[categories/static-analysis-pe|static-analysis-pe]] | **Tier:** Rich (FOR610)

## Usage
```bash
peframe specimen.exe
```

## Workflows
- [[workflows/static-analysis-workflow|Static Properties Analysis]] — Step 3: Packing & Entropy Check
- [[workflows/unpacking-workflow|Unpacking Packed Executables]] — Step 1: Packing Identification
- [[workflows/code-injection-workflow|Code Injection Analysis]] — Step 7: Extracted Payload Analysis
- [[workflows/dotnet-analysis-workflow|.NET Malware Analysis]] — Step 1: Identification & Metadata

## Related Tools
- [[tools/pestr|pestr]] — Extract ASCII and Unicode strings from PE files

## FOR610
**Labs:** 1.1, 4.8
**Sections:** 1, 4

#pe #static-analysis #triage