Parse PE VS_VERSIONINFO structure and return JSON string.
VS_VERSIONINFO Structure Extractor
This package parses a VS_VERSIONINFO structure and returns a JSON string. Certain szKey members in this struct and its children are compared with their expected values, and a struct is marked non-standard if its string does not match. Data returned from this parser is meant for malware analysis.
If you need to isolate the RT_VERSION resource for input into this extractor, try this Jupyter Notebook.
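The szKey comparison described above, shown as an added example for the root node only. This is not the package's own code: the function names and the output keys `standard` and `fixed` are assumptions made for the illustration, and the sample resource is constructed inline.

```python
import json
import struct

EXPECTED_ROOT_KEY = "VS_VERSION_INFO"   # szKey documented for the root node
FIXED_SIGNATURE = 0xFEEF04BD            # VS_FIXEDFILEINFO.dwSignature

def align4(offset):
    """Members are padded to 32-bit boundaries, counted from the resource start."""
    return (offset + 3) & ~3

def read_header(data, offset=0):
    """Read wLength, wValueLength, wType and the UTF-16LE szKey of one node."""
    if len(data) - offset < 6:
        raise ValueError("truncated node header")
    w_length, w_value_length, w_type = struct.unpack_from("<HHH", data, offset)
    end = offset + w_length
    if w_length < 6 or end > len(data):
        raise ValueError("wLength out of bounds")
    pos = offset + 6
    while pos + 2 <= end and data[pos:pos + 2] != b"\x00\x00":
        pos += 2
    if pos + 2 > end:
        raise ValueError("unterminated szKey")
    key = data[offset + 6:pos].decode("utf-16-le", errors="replace")
    return {"wLength": w_length, "wValueLength": w_value_length,
            "wType": w_type, "szKey": key}, align4(pos + 2)

def parse_root(data):
    """Parse the root node and flag a non-standard szKey or bad signature."""
    node, value_off = read_header(data)
    node["standard"] = node["szKey"] == EXPECTED_ROOT_KEY
    node["fixed"] = None
    if node["wValueLength"] >= 52 and value_off + 52 <= node["wLength"]:
        sig, _, ms, ls = struct.unpack_from("<4I", data, value_off)
        node["fixed"] = {"signature_ok": sig == FIXED_SIGNATURE,
                         "file_version": "%d.%d.%d.%d" % (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)}
    return node

def build_sample(key):
    """Constructed input: a root node whose Value is a VS_FIXEDFILEINFO."""
    fixed = struct.pack("<13I", FIXED_SIGNATURE, 0x10000, 0x00010002, 0x00030004, *([0] * 9))
    head = key.encode("utf-16-le") + b"\x00\x00"
    head += b"\x00" * (align4(6 + len(head)) - 6 - len(head))
    return struct.pack("<HHH", 6 + len(head) + len(fixed), len(fixed), 0) + head + fixed

if __name__ == "__main__":
    print(json.dumps(parse_root(build_sample("VS_VERSION_INFO")), indent=2))
```

A root key such as `VS_VERSIONINFO` (missing underscore) still parses, but comes back with `standard` set to false, which is the kind of deviation worth recording when triaging a sample.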
Usage
Native Python Dictionary Output
versioninfo.parser.get_versioninfo(data)
JSON Output
versioninfo.parser.to_json(data)
Bugs
If the parsing fails or there are any other problems, please provide the file that caused the problem in addition to opening a GitHub issue.
Source Distribution
versioninfo-1.1.1.tar.gz (5.6 kB)
Built Distribution
Hashes for versioninfo-1.1.1-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 10cf88d98e8e9a86f65ac6f62f5290e5a947c0a4014c4cfd15f8fe6ba3ba7449
MD5 | 97e264c7d2c76ea599336f10089f4380
BLAKE2b-256 | a0cf6fc3aa1c144de8d134b1baea625d16da56a4c391d0a87c8710043084acf4