28 lines
1 KiB
Python
28 lines
1 KiB
Python
import pefile
|
|
import sys
|
|
|
|
def analyze_executable(file_path):
|
|
try:
|
|
pe = pefile.PE(file_path)
|
|
file_hash = hashlib.sha256(open(file_path, 'rb').read()).hexdigest()
|
|
print(f"Analyzing {file_path}...")
|
|
print(f"File Name: {pe.filename}")
|
|
print(f"Machine: {pe.FILE_HEADER.Machine}")
|
|
print(f"Number of Sections: {len(pe.sections)}")
|
|
print(f"Entry Point: {hex(pe.OPTIONAL_HEADER.AddressOfEntryPoint)}")
|
|
print(f"File hash (SHA256): {file_hash}")
|
|
print("\nSections:")
|
|
for section in pe.sections:
|
|
print(f"- Name: {section.Name.decode().strip()}")
|
|
print(f" Virtual Size: {section.Misc_VirtualSize}")
|
|
print(f" Raw Size: {section.SizeOfRawData}")
|
|
print(f" Characteristics: {hex(section.Characteristics)}")
|
|
|
|
except Exception as e:
|
|
print(f"Error analyzing file: {e}")
|
|
|
|
if __name__ == "__main__":
|
|
if len(sys.argv) != 2:
|
|
print("Usage: python exe_analyzer.py <path_to_executable>")
|
|
else:
|
|
analyze_executable(sys.argv[1])
|