Parse PE VS_VERSIONINFO structure and return JSON string.
VS_VERSIONINFO Structure Extractor
This package parses a VS_VERSIONINFO structure and returns a JSON string. Certain szKey members in this struct and its children are compared with their expected values, and a struct is marked non-standard if its string does not match. Data returned from this parser is meant for malware analysis.
If you need to isolate the RT_VERSION resource for input into this extractor, try this Jupyter Notebook.
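The szKey comparison described above, shown as an added example that is not this package's code: it reads only the root VS_VERSIONINFO header and the VS_FIXEDFILEINFO value from raw RT_VERSION bytes, following the documented Win32 layout. The names `read_root` and `build_sample` and the sample bytes are constructed for this illustration.

```python
import json
import struct

EXPECTED_ROOT_KEY = "VS_VERSION_INFO"  # szKey of the root struct in the Win32 layout
FIXED_SIGNATURE = 0xFEEF04BD           # VS_FIXEDFILEINFO.dwSignature

def align4(offset):
    """Round up to a 32-bit boundary (the Padding1/Padding2 members)."""
    return (offset + 3) & ~3

def read_root(data):
    """Parse the root header and flag values that differ from the expected ones."""
    if len(data) < 6:
        raise ValueError("truncated VS_VERSIONINFO header")
    w_length, w_value_length, w_type = struct.unpack_from("<HHH", data, 0)
    # szKey is a NUL-terminated UTF-16LE string right after the three WORDs.
    end = 6
    while end + 2 <= len(data) and data[end:end + 2] != b"\x00\x00":
        end += 2
    if end + 2 > len(data):
        raise ValueError("szKey is not NUL-terminated")
    key = data[6:end].decode("utf-16-le", errors="replace")
    info = {"wLength": w_length, "wValueLength": w_value_length,
            "wType": w_type, "szKey": key, "standard": key == EXPECTED_ROOT_KEY}
    if w_value_length:  # root Value is VS_FIXEDFILEINFO (13 DWORDs = 52 bytes)
        off = align4(end + 2)  # skip Padding1
        if w_value_length < 52 or off + 52 > len(data):
            raise ValueError("VS_FIXEDFILEINFO truncated")
        f = struct.unpack_from("<13I", data, off)
        info["dwSignature"] = hex(f[0])
        info["FileVersion"] = "%d.%d.%d.%d" % (
            f[2] >> 16, f[2] & 0xFFFF, f[3] >> 16, f[3] & 0xFFFF)
        info["standard"] = info["standard"] and f[0] == FIXED_SIGNATURE
    return info

def build_sample(key):
    """Constructed input: root header plus VS_FIXEDFILEINFO, no children."""
    key_bytes = key.encode("utf-16-le") + b"\x00\x00"
    pad = b"\x00" * (align4(6 + len(key_bytes)) - (6 + len(key_bytes)))
    fixed = struct.pack("<13I", FIXED_SIGNATURE, 0x00010000, 0x00010002,
                        0x00030004, 0x00010002, 0x00030004,
                        0x3F, 0, 0x40004, 1, 0, 0, 0)
    body = key_bytes + pad + fixed
    return struct.pack("<HHH", 6 + len(body), len(fixed), 0) + body

if __name__ == "__main__":
    for k in ("VS_VERSION_INFO", "VS_VERSION_1NFO"):  # second key is altered
        print(json.dumps(read_root(build_sample(k))))
```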
Usage
Native Python Dictionary Output
versioninfo.parser.get_versioninfo(data)
JSON Output
versioninfo.parser.to_json(data)
Bugs
If the parsing fails or there are any other problems, please provide the file that caused the problem in addition to opening a GitHub issue.