Posts

Showing posts from July 2018.

Installing Rudra to analyze PCAPs and PE files

Every malware analyst struggles now and then to analyze PE files in a hopefully mostly automated way. While PEStudio is definitely capable of doing this in a semi-automated way, at least in my opinion it is highly unstable. Luckily, I found a project on GitHub called Rudra which does an awesome job in analyzing PE files and PCAPs. Since it took me some time to figure out all dependencies, I thought it would be a good idea to create a post to help fellow security guys install this beast.

Prerequisites

While you can surely install it on Windows using Python, I highly recommend a Linux server for this purpose. In my tutorial I'll use an Ubuntu Server 18.04 to get the job done. After installing the server, don't forget to run

# sudo apt-get update
# sudo apt-get upgrade

Getting Rudra

Clone the Rudra repository from GitHub to your Ubuntu Server

# git clone https://github.com/7h3rAm/rudra

Installing the prerequisites

To be honest, this is where the pain