Parse PE VS_VERSIONINFO structure and return JSON string.
Project description
VS_VERSIONINFO Structure Extractor
This package parses a VS_VERSIONINFO structure and returns a JSON string. Certain szKey members in this struct and its children are compared with the expected and the structs are marked non-standard if the strings are not as expected. Data returned from this parser is meant for malware analysis.
If you need to isolate the RT_VERSION resource for input into this extractor, try this Jupyter Notebook.
Usage
Native Python Dictionary Output
versioninfo.parser.get_versioninfo(data)
JSON Output
versioninfo.parser.to_json(data)
Bugs
If the parsing fails or there are any other problems, please provide the file that caused the problem in addition to opening a Github issue.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
versioninfo-1.1.2.tar.gz
(6.4 kB
view hashes)
Built Distribution
Close
Hashes for versioninfo-1.1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0dedd2d3387cfe9b9fe9cd343796752712faf2da43c1ad9a53bf845400e51830 |
|
MD5 | 138b0b232c368042ce764007dc7c7426 |
|
BLAKE2b-256 | 7abddd8203b474becbece868938ba4ce127b13003c58c0c6673552f79a390322 |