Python pefile.__version__() Examples

Example #1
Source File: PEFile.py    From multiscanner with Mozilla Public License 2.0 4 votes vote down vote up
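def scan(filelist, conf=DEFAULTCONF):
    """Collect static PE metadata for every file libmagic identified as PE32.

    The samples handled here are untrusted, so a file that pefile cannot
    parse is skipped instead of aborting the whole batch, and each parsed
    file is released as soon as its fields have been extracted.

    Args:
        filelist: Paths the caller asked to have scanned.
        conf: Module configuration. It is not read inside this function.

    Returns:
        A ``(results, metadata)`` tuple. ``results`` is a list of
        ``(fname, result_dict)`` pairs, one per successfully parsed PE file;
        ``metadata`` describes this module (name, type, pefile version).
    """
    results = []
    # REQUIRES[0] carries the output of the module this one depends on; the
    # variable names suggest it is libmagic's (results, metadata) pair.
    libmagicresults, libmagicmeta = REQUIRES[0]

    for fname, libmagicresult in libmagicresults:
        if fname not in filelist:
            # NOTE(review): only a debug line is printed; the file is still
            # processed below. Confirm whether it should be skipped instead.
            print("DEBUG: File not in filelist")
        if not libmagicresult.startswith('PE32'):
            continue

        try:
            pe = pefile.PE(fname)
        except pefile.PEFormatError:
            # libmagic only inspects the leading bytes, so a truncated or
            # deliberately malformed sample can still be labelled PE32.
            # One such file must not take down the rest of the scan.
            print("DEBUG: Could not parse PE file: %s" % fname)
            continue

        try:
            result = {}
            result['pehash'] = _get_pehash(pe)
            check, sha = _get_rich_header(pe)
            if check:
                result['rich_header_checksum'] = check
            if sha:
                result['rich_header_sha256'] = sha
            # Older pefile releases have no get_imphash(); probe for it.
            if callable(getattr(pe, 'get_imphash', None)):
                try:
                    result['import_hash'] = pe.get_imphash()
                except Exception:
                    # Best effort: the import hash is optional output.
                    # TODO: log exception
                    pass
            if hasattr(pe, 'DIRECTORY_ENTRY_RESOURCE'):
                result['resource_data'] = _dump_resource_data(
                    "ROOT",
                    pe.DIRECTORY_ENTRY_RESOURCE,
                    pe,
                    False)
            result['sections'] = _get_sections(pe)
            # imports/exports are always present in the result (None when
            # the directory is absent); the remaining keys are optional.
            if hasattr(pe, 'DIRECTORY_ENTRY_IMPORT'):
                result['imports'] = _get_imports(pe)
            else:
                result['imports'] = None
            if hasattr(pe, 'DIRECTORY_ENTRY_EXPORT'):
                result['exports'] = _get_exports(pe)
            else:
                result['exports'] = None
            result['pe_timestamp'] = _get_timestamp(pe)
            if hasattr(pe, 'DIRECTORY_ENTRY_DEBUG'):
                result['debug_info'] = _get_debug_info(pe)
            if hasattr(pe, 'VS_VERSIONINFO'):
                result['version_info'] = _get_version_info(pe)
            if hasattr(pe, 'DIRECTORY_ENTRY_TLS'):
                ret = _get_tls_info(pe)
                if ret:
                    result['tls_callback_info'] = ret
            result = convert_encoding(result)
        finally:
            # Release the file backing this PE object so a large batch does
            # not accumulate open mappings. Guarded because older pefile
            # releases may not provide close().
            close = getattr(pe, 'close', None)
            if callable(close):
                close()
        results.append((fname, result))

    metadata = {}
    metadata["Name"] = NAME
    metadata["Type"] = TYPE
    # __version__ is a module attribute (a string), not a function.
    metadata["Version"] = pefile.__version__
    metadata["Include"] = False
    return (results, metadata)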


# This section is an adaptation of the CRITS pefile service
# https://github.com/MITRECND/crits_services/blob/master/peinfo_service/__init__.py