Malware Analysis Investigations
Static
Detect It Easy — This tool provides information about the file, such as its architecture, significant headers, packer used, and strings.
Capa — Detects capabilities in executable files, such as the installation of a service, invocation of network connections, and registry modifications.
Dynamic
Process Monitor (Procmon) — Windows tool that shows real-time registry, file system, and process/thread activity.