SuperPEHasher is a wrapper written in Python3 for several hash algorithms dedicated to PE file.
Project description
# SuperPeHasher
SuperPEHasher is a wrapper written in Python3 for several hash algorithms dedicated to PE file. It includes the following: * MD5, SHA2 * SSDEEP * PeHash * Import Hash * Import Fuzzy * Rich PE Hash * Machoc Hash
## Getting Started if you want more information about hashing algorithms you can visit the blog I wrote on [Medium](https://medium.com/@tom_rock/fifty-shades-of-malware-hashing-3783d98df59c?source=friends_link&sk=c3f3ed798e0c087eeb1d368868462724).
### Installing
To run this tool you can git clone and install the requirements.
` pip install -r requirements.txt pip install superpehasher `
## Running the tests
Once you installed the requirements you can run the file pehasher.py with a file as input.
` python pehasher.py sample.exe md5: 60b7c0fead45f2066e5b805a91f4f0fc sha1: 9018a7d6cdbe859a430e8794e73381f77c840be0 sha256: 80c10ee5f21f92f89cbc293a59d2fd4c01c7958aacad15642558db700943fa22 sha512: 68b9f9c00fc64df946684ce81a72a2624f0fc07e07c0c8b3db2fae8c9c0415bd1b4a03ad7ffa96985af0cc5e0410f6c5e29a30200efff21ab4b01369a3c59b58 ssdeep: 6144:Jv7Wc4dyC7dXNBzn68YoC+6VoQSkgrpZHqk61peBN1L+I8pfezYeWHMzyy14pL1k:JvSbJxPRC+XQSxb6Dc7RwIWHeGL7GOK ImpHash: f93b5d76132f6e6068946ec238813ce1 ImpFuzzy: 192:q9AW2Rpn8RrMqkNsQYDhs4kqp1qAw5tXLXVn/zgF79KPrzJ:qcp8lUNlc11qAw5tXLXV/zm79KP5 RicHash xored: f0eaf48df96ec9b2f3ae6d616be68b3d RicHash clear: e169b9c125be3598b84b8651d3f5ff91 PeHash: fa5ad3991616af0bb9d76132db7e9d6009c55baa Machoc Hash: 5ed7c76d41a02300e08e7177411a02300ead543fa0d346c2ed4ac25a954ac25a951a02300e1a02300e000039423f2825315453253154531a02300e253154532531545325315453[Truncated] `
## Built With
[SSDEEP](https://ssdeep-project.github.io/ssdeep/index.html)
[PeHash](https://www.usenix.org/legacy/events/leet09/tech/full_papers/wicherski/wicherski_html/index.html)
[ImpHash](https://www.fireeye.com/blog/threat-research/2014/01/tracking-malware-import-hashing.html)
[ImpFuzzy](https://github.com/JPCERTCC/impfuzzy)
[Machoke Hash](https://blog.conixsecurity.fr/machoke-hashing/)
[PeFile](https://github.com/erocarrera/pefile)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file superpehasher-0.4.tar.gz.
File metadata
- Download URL: superpehasher-0.4.tar.gz
- Upload date:
- Size: 5.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.4.1 importlib_metadata/4.0.1 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.9.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0d3144bcc0da892b855c4477e1f8f183a3fa1f31df4563fcaf53aebdea54ad6b |
|
| MD5 | 5e7c1ba474a4bfeec3ee724f3e90d77a |
|
| BLAKE2b-256 | bfe4fa398e92b5d3fd97009f1ba78c609d17aec1619dce406d2c564064e6cd1a |
