ListModules is a new tool to analyze PE files, like my AnalyzePESig tool. In stead of analyzing all files you point it to, it takes a snapshot of all processes, and analyses the modules (.exe, .dll, …) loaded in these processes. The output is very similar to AnalyzePESig’s output.
Sysinternal’s tool ListDLLs is a similar tool, but ListModules provides more info and is open source.
It helped me a couple of times to find malicious DLLs loaded inside processes that the AV would not catch.
ListModules_V0_0_0_1.zip (https)
MD5: 56D6BD9479915E6FF1C29A9D9F8F7950
SHA256: 43DFAD3F18C2F317E283BCDD453311BB17F6216C6748C25D102778DF63021069
Process Explorer also can display info about loaded DLLs, but it’s nowhere near yours.
Comment by Grzechooo — Thursday 20 December 2012 @ 14:29