Exemplo n.º 1
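def show_sections(filename):
	"""Print a per-section report for the PE file at *filename*.

	The rows come from ``pecore.get_sections(filename)``. Judging by the
	labels printed below, each row is indexed as: 0 name, 1 MD5, 2 SHA-1,
	3 suspicious flag, 4 VirtualAddress, 5 VirtualSize, 6 SizeofRawData.
	Nothing is printed when no sections are returned.

	Every ``print`` takes a single pre-formatted string, so the function
	produces the same output on Python 2 and no longer fails to parse on
	Python 3.

	NOTE(review): the section name presumably comes straight from the file
	being analysed. If pecore does not already strip non-printable bytes,
	escape the name before printing so a crafted name cannot place terminal
	control sequences in the report.
	"""
	sections = pecore.get_sections(filename)
	if not sections:
		return

	len_sections = len(sections)
	print("\nSections discovered [" + str(len_sections) + "]")
	print("-" * 60)
	for i in range(0, len_sections):
		entry = sections[i]
		print("%s %s" % ('\nSection'.ljust(18), entry[0]))
		# MD5 and SHA-1 work as lookup keys for a section; neither is
		# collision-resistant, so they are not proof of integrity.
		print("%s %s" % ('Hash MD5'.ljust(18), entry[1]))
		print("%s %s" % ('Hash SHA-1'.ljust(18), entry[2]))
		print("%s %s" % ('VirtualAddress'.ljust(18), entry[4]))
		print("%s %s" % ('VirtualSize'.ljust(18), entry[5]))
		print("%s %s" % ('SizeofRawData'.ljust(18), entry[6]))
		# The flag is computed by pecore; its criteria are not visible here.
		verdict = "Yes" if entry[3] else "No"
		print("%s %s" % ('Suspicious'.ljust(18), verdict))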
Exemplo n.º 2
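def show_sections(filename):
    """Print name, digests, layout and verdict for each PE section.

    Rows are read from ``pecore.get_sections(filename)``; when that call
    returns nothing truthy the function prints nothing. The column
    positions used below follow the labels they are printed under.

    Each ``print`` receives one already-formatted string, which keeps the
    output unchanged on Python 2 and makes the function valid Python 3.

    NOTE(review): the printed values are derived from the analysed file
    (verify what pecore sanitises). For untrusted samples, escape
    non-printable characters in the section name before it reaches a
    terminal.
    """
    sections = pecore.get_sections(filename)
    if not sections:
        return

    count = len(sections)
    print("\nSections discovered [" + str(count) + "]")
    print("-" * 60)

    # (label, position in the row). Position 3 is the suspicious flag and is
    # handled separately because it is rendered as Yes/No.
    columns = (
        ('\nSection', 0),
        ('Hash MD5', 1),
        ('Hash SHA-1', 2),
        ('VirtualAddress', 4),
        ('VirtualSize', 5),
        ('SizeofRawData', 6),
    )
    for i in range(0, count):
        record = sections[i]
        for label, position in columns:
            print("%s %s" % (label.ljust(18), record[position]))
        flagged = "Yes" if record[3] else "No"
        print("%s %s" % ('Suspicious'.ljust(18), flagged))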
Exemplo n.º 3
        stdoutput.show_export(pe)
        exit(0)

    elif option == "--dir-import":
        stdoutput.show_directory(pe, "import")
        exit(0)
    elif option == "--dir-export":
        stdoutput.show_directory(pe, "export")
        exit(0)
    elif option == "--dir-resource":
        stdoutput.show_directory(pe, "resource")
        exit(0)
    elif option == "--dir-debug":
        stdoutput.show_directory(pe, "debug")
        exit(0)
    elif option == "--dir-tls":
        stdoutput.show_directory(pe, "tls")
        exit(0)

    elif option == "--strings":
        print pecore.get_strings(filename)
        sys.exit(0)
    elif option == "--sections":
        print pecore.get_sections(pe)
        sys.exit(0)
    elif option == "--dump":
        print pecore.get_dump(pe)
        sys.exit(0)
    else:
        help.help()
Exemplo n.º 4
	# The return value of is_pe() is not used here; presumably it aborts on
	# a non-PE input itself (verify in is_pe).
	is_pe(filename)

	# Dispatch on the command-line option: each recognised value runs one
	# report and exits with status 0; anything else falls through to the
	# help text.
	# NOTE(review): the branches mix the site-provided exit() with
	# sys.exit(); exit() is not defined when Python runs with -S, so
	# sys.exit() throughout would be the safer choice.
	if option == "--json":
		autoanalysis(pe, filename, json=True); exit(0)
		
	elif option == "--import":
		stdoutput.show_import(pe); exit(0)
	elif option == "--export":
		stdoutput.show_export(pe); exit(0)
		
	# Data-directory reports: the second argument selects the directory.
	elif option == "--dir-import":
		stdoutput.show_directory(pe, "import"); exit(0)
	elif option == "--dir-export":
		stdoutput.show_directory(pe, "export"); exit(0)
	elif option == "--dir-resource":
		stdoutput.show_directory(pe, "resource"); exit(0)
	elif option == "--dir-debug":
		stdoutput.show_directory(pe, "debug"); exit(0)
	elif option == "--dir-tls":
		stdoutput.show_directory(pe, "tls"); exit(0)
		
	# The next three branches print the raw return value of the pecore call
	# instead of going through stdoutput. --strings works from the path,
	# the other two from the parsed `pe` object.
	# NOTE(review): this output is data taken from the analysed file; for an
	# untrusted sample, redirect it to a file or escape control characters
	# rather than writing it straight to a terminal.
	elif option == "--strings":
		print pecore.get_strings(filename); sys.exit(0)
	# NOTE(review): get_sections() receives `pe` here; confirm it accepts
	# the parsed object as well as a file name.
	elif option == "--sections":
		print pecore.get_sections(pe); sys.exit(0)
	elif option == "--dump":
		print pecore.get_dump(pe); sys.exit(0)
	else:
		help.help()