-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathextractPE.py
27 lines (23 loc) · 1.16 KB
/
extractPE.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
import pefile
import csv
def fileExtract(data):
print("Extracting the PE information of the file...")
header =["AddressOfEntryPoint","MajorLinkerVersion","MajorImageVersion","MajorOperatingSystemVersion","DllCharacteristics","SizeOfStackReserve","NumberOfSections","ResourceSize","IfMalware"]
with open('inputData.csv', 'w', encoding='UTF8', newline='') as f:
writer = csv.writer(f)
# header bilgilerini ekledik :
writer.writerow(header)
# zararlı yazılımların bilgilerini ekledik :
pe = pefile.PE(data)
a = str(pe.OPTIONAL_HEADER.AddressOfEntryPoint)
b = str(pe.OPTIONAL_HEADER.MajorLinkerVersion)
c = str(pe.OPTIONAL_HEADER.MajorImageVersion)
d = str(pe.OPTIONAL_HEADER.MajorOperatingSystemVersion)
e = str(pe.OPTIONAL_HEADER.DllCharacteristics)
f = str(pe.OPTIONAL_HEADER.SizeOfStackReserve)
g = str(pe.FILE_HEADER.NumberOfSections)
h = str(pe.OPTIONAL_HEADER.DATA_DIRECTORY[2].Size)
i = " " # zararlı bilgisini gösterir.
inputData = [a,b,c,d,e,f,g,h,i]
writer.writerow(inputData)
print("The file was successfully extracted.")