pe.py
import os
import pefile
import pandas as pd
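def extract(path):
    """Build a one-row DataFrame of header and section-entropy features for a PE file.

    The row holds eleven values in a fixed order: DllCharacteristics,
    Characteristics, Machine, ImageBase, a constant ``'0'`` placeholder,
    maximum section entropy, Subsystem, SizeOfOptionalHeader,
    MajorSubsystemVersion, minimum section entropy and
    MajorOperatingSystemVersion.

    Args:
        path: Filesystem path of the PE file to parse. The file is only
            parsed by ``pefile``; nothing in it is executed.

    Returns:
        A ``pandas.DataFrame`` with a single row and eleven columns.

    Raises:
        ValueError: If the file has no sections, so no entropy can be computed.
        pefile.PEFormatError: Propagated from ``pefile`` when the file is not
            a parseable PE image.
    """
    # fast_load=True skips data-directory parsing; only the headers and the
    # section table are needed here.
    pe = pefile.PE(path, fast_load=True)
    try:
        entropies = [section.get_entropy() for section in pe.sections]
        if not entropies:
            # A section-less image would otherwise fail inside min()/max()
            # with an unhelpful message; keep the same exception type.
            raise ValueError(f"PE file has no sections: {path!r}")

        optional_header = pe.OPTIONAL_HEADER
        file_header = pe.FILE_HEADER

        # NOTE(review): the column order presumably matches what a downstream
        # consumer (e.g. a trained model) expects - do not reorder.
        row = [
            optional_header.DllCharacteristics,
            file_header.Characteristics,
            file_header.Machine,
            optional_header.ImageBase,
            # NOTE(review): string placeholder kept as-is; it makes this column
            # non-numeric. Confirm which feature it stands in for.
            '0',
            max(entropies),
            optional_header.Subsystem,
            file_header.SizeOfOptionalHeader,
            optional_header.MajorSubsystemVersion,
            min(entropies),
            optional_header.MajorOperatingSystemVersion,
        ]
    finally:
        # Release the mapping pefile holds on the file; without this, handles
        # leak when many samples are processed in one process.
        pe.close()

    return pd.DataFrame([row])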