Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ./peframe.py --json zerolocker.exe
- {
- "Short Info": {
- "Compile Time": "2014-08-05 06:27:06",
- "Directories": [
- "Import",
- "Resource",
- "Debug",
- "Relocation"
- ],
- "Hash SHA-1": "5ed36132872be3d5d94627b89f15a7369f68fba1",
- "DLL": false,
- "File Size": "407552",
- "Detected": [
- "Packer"
- ],
- "Hash MD5": "bd0a3c308a6d3372817a474b7c653097",
- "Import Hash": "f34d5f2d4577ed6d9ceec516c1f5a744",
- "Sections": 3,
- "File Name": "zerolocker.exe"
- }
- } {
- "Digital Signature": {
- "Block Size": 0,
- "Virtual Address": 0,
- "Hash MD5": false,
- "Hash SHA-1": false
- }
- } {
- "Packer": [
- "Microsoft Visual C# / Basic .NET",
- "Microsoft Visual Studio .NET",
- ".NET executable",
- "Microsoft Visual C# v7.0 / Basic .NET"
- ]
- } {
- "Anti Debug": []
- } {
- "Anti VM": []
- } {
- "Suspicious API": []
- } {
- "Suspicious Sections": [
- {
- "Section": ".text\u0000\u0000\u0000",
- "Hash MD5": "60665dcc259f239b2df4113b981ffbd2",
- "Hash SHA-1": "e72fd0bd670709d0bb05b4ba43c4dc68f8555f34"
- },
- {
- "Section": ".reloc\u0000\u0000",
- "Hash MD5": "e2f2c68a0fa342279057585223afef4a",
- "Hash SHA-1": "a84cc1fc20e0c227cd75f1e2b3d749f08b693ac9"
- }
- ]
- } {
- "Url": [
- "System.Net"
- ],
- "File Name": [
- [
- "Executable",
- [
- "Task Manager.exe"
- ]
- ],
- [
- "Library",
- [
- "mscoree.dll"
- ]
- ],
- [
- "Database",
- [
- "C:\\Users\\George\\Desktop\\Projects\\ZeroLocker\\Testing Stuff\\Testing Stuff\\obj\\Debug\\Task Manager.pdb"
- ]
- ]
- ]
- } {
- "Meta Data": [
- "Translation: 0x0000 0x04b0",
- "LegalCopyright: Copyright \\xa9 2014",
- "Assembly Version: 3.23.12.12",
- "InternalName: Task Manager.exe",
- "FileVersion: 3.23.12.12",
- "ProductName: Task Manager",
- "ProductVersion: 3.23.12.12",
- "FileDescription: Task Manager",
- "OriginalFilename: Task Manager.exe"
- ]
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement